CVE-2021-33511: Server-Side Request Forgery (SSRF)
Plone suffers from an SSRF flaw via the lxml parser. This affects Diazo themes, Dexterity TTW schemas, and modeleditors in plone.app.theming, plone.app.dexterity, and plone.supermodel.