Plone Hotfix Descriptions

Descriptions of the individual hotfixes and the vulnerabilities they address.

20210518

by T. Kim Nguyen — last modified Jul 31, 2021 12:22 PM
Several fixes for remote code execution, writing arbitrary files, information disclosure, server side request forgery, and cross site scripting. Note: version 1.6 is available now.

20200121

by T. Kim Nguyen — last modified Feb 12, 2020 09:43 AM
Several fixes for privilege escalation, open redirect, password strength, overwriting files, SQL injection, and cross site scripting. Version 1.1 released February 11, 2020, with an update for the SQL Injection fix, which will not be needed for all.