Stored XSS in folder contents

Versions affected

5.2.4
5.2.3
5.2.2
5.2.1
5.2.0
5.1rc2
5.1rc1
5.1b4
5.1b3
5.1b2
5.1a2
5.1a1
5.1.7
5.1.6
5.1.5
5.1.4
5.1.2
5.1.1
5.1
5.0rc3
5.0rc2
5.0rc1
5.0.9
5.0.8
5.0.7
5.0.6
5.0.5
5.0.4
5.0.3
5.0.2
5.0.10
5.0.1
5.0

Vulnerability

A Contributor could add a script tag to a field which is used in the folder contents, and it would get loaded there. Plone 5.0 and higher are vulnerable.

Current status

Fixed in version 1.5 of the hotfix.

Credits

Discovered by

Matt Moreschi

Fixed by

Plone Security Team

Coordinated by

Plone Security Team

Contact

You can contact the security team confidentially by email at security@plone.org

More information

CVE Identifier

CVE-2021-35959

Type

Cross Site Scripting

Severity

4.0 – medium
Vector	Network
Complexity	Low
Authentication	Single
Confidentiality	Partial
Integrity	None
Availability	None

Timeline

Vulnerability reported: 2021-06-23
Hotfix released: 2021-06-28