Plone Hotfix Descriptions

Descriptions of the individual hotfixes and the vulnerabilities they address.

20220128

— by Maurits — last modified Jan 31, 2022 08:32 AM

Security fix for image_view_fullscreen: cache poisoning

Read More…

20210518

— by T. Kim Nguyen — last modified Jul 31, 2021 12:22 PM

Several fixes for remote code execution, writing arbitrary files, information disclosure, server side request forgery, and cross site scripting. Note: version 1.6 is available now.

Read More…

20200121

— by T. Kim Nguyen — last modified Feb 12, 2020 09:43 AM

Several fixes for privilege escalation, open redirect, password strength, overwriting files, SQL injection, and cross site scripting. Version 1.1 released February 11, 2020, with an update for the SQL Injection fix, which will not be needed for all.

Read More…

20171128

— by T. Kim Nguyen — last modified Nov 28, 2017 03:30 PM

Several XSS and redirect fixes, and a sandbox escape fix.

Read More…

20170117

— by T. Kim Nguyen — last modified Nov 28, 2017 03:28 PM

XSS and sandbox escape vulnerability

Read More…

20161129

— by T. Kim Nguyen — last modified Nov 29, 2016 07:48 PM

Fixes various XSS and open redirection vulnerabilities

Read More…

20160830

— by T. Kim Nguyen — last modified Dec 01, 2016 03:13 PM

Fixes various XSS and open redirection vulnerabilities

Read More…

20160419

— by Nathan Van Gheem — last modified May 01, 2016 03:20 AM

20160419

Read More…

20151208

— by Nathan Van Gheem — last modified Nov 28, 2017 03:51 PM

20151208

Read More…

20151006

— by Alexander Loechel — last modified Feb 19, 2021 01:04 PM

20151006

Read More…

20150910

— by Alexander Loechel — last modified May 01, 2016 03:21 AM

20150910

Read More…

20131210

— by matthewwilkes — last modified May 01, 2016 03:21 AM

20131210

Read More…

20130618

— by matthewwilkes — last modified May 01, 2016 03:22 AM

Plone Hotfix 20130618

Read More…

20121106

— by evilbungle — last modified May 01, 2016 03:21 AM

AKA 20121106

Read More…

20111004

— by evilbungle — last modified May 01, 2016 03:22 AM

AKA 20113587 or 20110928

Read More…

20110208

— by evilbungle — last modified May 01, 2016 03:22 AM

AKK 20110720

Read More…

20110628

— by evilbungle — last modified May 01, 2016 03:22 AM

AKA 20112528 or 20110622

Read More…

20110601

— by evilbungle — last modified May 01, 2016 03:22 AM

AKA 20110531

Read More…