CVE-2021-29002

Cross-site Scripting in pypi/Plone

Identifier

CVE-2021-29002

Package Slug

pypi/Plone

Vulnerability

Cross-site Scripting

Description

A stored cross-site scripting (XSS) vulnerability in Plone CMS exists in site-controlpanel via the form.widgets.site_title parameter.

Affected Versions

Version 5.2.3

Solution

Upgrade to version 5.2.4 or above.

Last Modified

2021-03-25

source