CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-3313

Plone CMS until version 5.2.4 has a stored Cross-Site Scripting (XSS) vulnerability in the user fullname property and the file upload functionality. The user's input data is not properly encoded when being echoed back to the user. This data can be interpreted as executable code by the browser and allows an attacker to execute JavaScript in the context of the victim's browser if the victim opens a vulnerable page containing an XSS payload.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 66.5%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

Products affected by CVE-2021-3313

Plone » Plone » Version: 1.0

cpe:2.3:a:plone:plone:1.0
Plone » Plone » Version: 1.0.1

cpe:2.3:a:plone:plone:1.0.1
Plone » Plone » Version: 1.0.2

cpe:2.3:a:plone:plone:1.0.2
Plone » Plone » Version: 1.0.3

cpe:2.3:a:plone:plone:1.0.3
Plone » Plone » Version: 1.0.4

cpe:2.3:a:plone:plone:1.0.4
Plone » Plone » Version: 1.0.5

cpe:2.3:a:plone:plone:1.0.5
Plone » Plone » Version: 1.0.6

cpe:2.3:a:plone:plone:1.0.6
Plone » Plone » Version: 2.0

cpe:2.3:a:plone:plone:2.0
Plone » Plone » Version: 2.0.1

cpe:2.3:a:plone:plone:2.0.1
Plone » Plone » Version: 2.0.2

cpe:2.3:a:plone:plone:2.0.2
Plone » Plone » Version: 2.0.3

cpe:2.3:a:plone:plone:2.0.3
Plone » Plone » Version: 2.0.4

cpe:2.3:a:plone:plone:2.0.4
Plone » Plone » Version: 2.0.5

cpe:2.3:a:plone:plone:2.0.5
Plone » Plone » Version: 2.1

cpe:2.3:a:plone:plone:2.1
Plone » Plone » Version: 2.1.1

cpe:2.3:a:plone:plone:2.1.1
Plone » Plone » Version: 2.1.2

cpe:2.3:a:plone:plone:2.1.2
Plone » Plone » Version: 2.1.3

cpe:2.3:a:plone:plone:2.1.3
Plone » Plone » Version: 2.1.4

cpe:2.3:a:plone:plone:2.1.4
Plone » Plone » Version: 2.5

cpe:2.3:a:plone:plone:2.5
Plone » Plone » Version: 2.5.1

cpe:2.3:a:plone:plone:2.5.1
Plone » Plone » Version: 2.5.2

cpe:2.3:a:plone:plone:2.5.2
Plone » Plone » Version: 2.5.3

cpe:2.3:a:plone:plone:2.5.3
Plone » Plone » Version: 2.5.4

cpe:2.3:a:plone:plone:2.5.4
Plone » Plone » Version: 2.5.5

cpe:2.3:a:plone:plone:2.5.5
Plone » Plone » Version: 3.0

cpe:2.3:a:plone:plone:3.0
Plone » Plone » Version: 3.0.1

cpe:2.3:a:plone:plone:3.0.1
Plone » Plone » Version: 3.0.2

cpe:2.3:a:plone:plone:3.0.2
Plone » Plone » Version: 3.0.3

cpe:2.3:a:plone:plone:3.0.3
Plone » Plone » Version: 3.0.4

cpe:2.3:a:plone:plone:3.0.4
Plone » Plone » Version: 3.0.5

cpe:2.3:a:plone:plone:3.0.5
Plone » Plone » Version: 3.0.6

cpe:2.3:a:plone:plone:3.0.6
Plone » Plone » Version: 3.1

cpe:2.3:a:plone:plone:3.1
Plone » Plone » Version: 3.1.1

cpe:2.3:a:plone:plone:3.1.1
Plone » Plone » Version: 3.1.2

cpe:2.3:a:plone:plone:3.1.2
Plone » Plone » Version: 3.1.3

cpe:2.3:a:plone:plone:3.1.3
Plone » Plone » Version: 3.1.4

cpe:2.3:a:plone:plone:3.1.4
Plone » Plone » Version: 3.1.5.1

cpe:2.3:a:plone:plone:3.1.5.1
Plone » Plone » Version: 3.1.6

cpe:2.3:a:plone:plone:3.1.6
Plone » Plone » Version: 3.1.7

cpe:2.3:a:plone:plone:3.1.7
Plone » Plone » Version: 3.2

cpe:2.3:a:plone:plone:3.2
Plone » Plone » Version: 3.2.1

cpe:2.3:a:plone:plone:3.2.1
Plone » Plone » Version: 3.2.2

cpe:2.3:a:plone:plone:3.2.2
Plone » Plone » Version: 3.2.3

cpe:2.3:a:plone:plone:3.2.3
Plone » Plone » Version: 3.3

cpe:2.3:a:plone:plone:3.3
Plone » Plone » Version: 3.3.0

cpe:2.3:a:plone:plone:3.3.0
Plone » Plone » Version: 3.3.1

cpe:2.3:a:plone:plone:3.3.1
Plone » Plone » Version: 3.3.2

cpe:2.3:a:plone:plone:3.3.2
Plone » Plone » Version: 3.3.3

cpe:2.3:a:plone:plone:3.3.3
Plone » Plone » Version: 3.3.4

cpe:2.3:a:plone:plone:3.3.4
Plone » Plone » Version: 3.3.5

cpe:2.3:a:plone:plone:3.3.5
Plone » Plone » Version: 3.3.6

cpe:2.3:a:plone:plone:3.3.6
Plone » Plone » Version: 4.0

cpe:2.3:a:plone:plone:4.0
Plone » Plone » Version: 4.0.0

cpe:2.3:a:plone:plone:4.0.0
Plone » Plone » Version: 4.0.1

cpe:2.3:a:plone:plone:4.0.1
Plone » Plone » Version: 4.0.10

cpe:2.3:a:plone:plone:4.0.10
Plone » Plone » Version: 4.0.2

cpe:2.3:a:plone:plone:4.0.2
Plone » Plone » Version: 4.0.3

cpe:2.3:a:plone:plone:4.0.3
Plone » Plone » Version: 4.0.4

cpe:2.3:a:plone:plone:4.0.4
Plone » Plone » Version: 4.0.5

cpe:2.3:a:plone:plone:4.0.5
Plone » Plone » Version: 4.0.6

cpe:2.3:a:plone:plone:4.0.6
Plone » Plone » Version: 4.0.6.1

cpe:2.3:a:plone:plone:4.0.6.1
Plone » Plone » Version: 4.0.7

cpe:2.3:a:plone:plone:4.0.7
Plone » Plone » Version: 4.0.8

cpe:2.3:a:plone:plone:4.0.8
Plone » Plone » Version: 4.0.9

cpe:2.3:a:plone:plone:4.0.9
Plone » Plone » Version: 4.1

cpe:2.3:a:plone:plone:4.1
Plone » Plone » Version: 4.1.0

cpe:2.3:a:plone:plone:4.1.0
Plone » Plone » Version: 4.1.1

cpe:2.3:a:plone:plone:4.1.1
Plone » Plone » Version: 4.1.2

cpe:2.3:a:plone:plone:4.1.2
Plone » Plone » Version: 4.1.3

cpe:2.3:a:plone:plone:4.1.3
Plone » Plone » Version: 4.1.4

cpe:2.3:a:plone:plone:4.1.4
Plone » Plone » Version: 4.1.5

cpe:2.3:a:plone:plone:4.1.5
Plone » Plone » Version: 4.1.6

cpe:2.3:a:plone:plone:4.1.6
Plone » Plone » Version: 4.2

cpe:2.3:a:plone:plone:4.2
Plone » Plone » Version: 4.2.0

cpe:2.3:a:plone:plone:4.2.0
Plone » Plone » Version: 4.2.1

cpe:2.3:a:plone:plone:4.2.1
Plone » Plone » Version: 4.2.2

cpe:2.3:a:plone:plone:4.2.2
Plone » Plone » Version: 4.2.3

cpe:2.3:a:plone:plone:4.2.3
Plone » Plone » Version: 4.2.4

cpe:2.3:a:plone:plone:4.2.4
Plone » Plone » Version: 4.2.5

cpe:2.3:a:plone:plone:4.2.5
Plone » Plone » Version: 4.2.6

cpe:2.3:a:plone:plone:4.2.6
Plone » Plone » Version: 4.2.7

cpe:2.3:a:plone:plone:4.2.7
Plone » Plone » Version: 4.3

cpe:2.3:a:plone:plone:4.3
Plone » Plone » Version: 4.3.0

cpe:2.3:a:plone:plone:4.3.0
Plone » Plone » Version: 4.3.1

cpe:2.3:a:plone:plone:4.3.1
Plone » Plone » Version: 4.3.10

cpe:2.3:a:plone:plone:4.3.10
Plone » Plone » Version: 4.3.11

cpe:2.3:a:plone:plone:4.3.11
Plone » Plone » Version: 4.3.12

cpe:2.3:a:plone:plone:4.3.12
Plone » Plone » Version: 4.3.13

cpe:2.3:a:plone:plone:4.3.13
Plone » Plone » Version: 4.3.14

cpe:2.3:a:plone:plone:4.3.14
Plone » Plone » Version: 4.3.15

cpe:2.3:a:plone:plone:4.3.15
Plone » Plone » Version: 4.3.16

cpe:2.3:a:plone:plone:4.3.16
Plone » Plone » Version: 4.3.17

cpe:2.3:a:plone:plone:4.3.17
Plone » Plone » Version: 4.3.18

cpe:2.3:a:plone:plone:4.3.18
Plone » Plone » Version: 4.3.19

cpe:2.3:a:plone:plone:4.3.19
Plone » Plone » Version: 4.3.2

cpe:2.3:a:plone:plone:4.3.2
Plone » Plone » Version: 4.3.20

cpe:2.3:a:plone:plone:4.3.20
Plone » Plone » Version: 4.3.3

cpe:2.3:a:plone:plone:4.3.3
Plone » Plone » Version: 4.3.4

cpe:2.3:a:plone:plone:4.3.4
Plone » Plone » Version: 4.3.5

cpe:2.3:a:plone:plone:4.3.5
Plone » Plone » Version: 4.3.6

cpe:2.3:a:plone:plone:4.3.6
Plone » Plone » Version: 4.3.7

cpe:2.3:a:plone:plone:4.3.7
Plone » Plone » Version: 4.3.8

cpe:2.3:a:plone:plone:4.3.8
Plone » Plone » Version: 4.3.9

cpe:2.3:a:plone:plone:4.3.9
Plone » Plone » Version: 5.0

cpe:2.3:a:plone:plone:5.0
Plone » Plone » Version: 5.0.1

cpe:2.3:a:plone:plone:5.0.1
Plone » Plone » Version: 5.0.10

cpe:2.3:a:plone:plone:5.0.10
Plone » Plone » Version: 5.0.2

cpe:2.3:a:plone:plone:5.0.2
Plone » Plone » Version: 5.0.3

cpe:2.3:a:plone:plone:5.0.3
Plone » Plone » Version: 5.0.4

cpe:2.3:a:plone:plone:5.0.4
Plone » Plone » Version: 5.0.5

cpe:2.3:a:plone:plone:5.0.5
Plone » Plone » Version: 5.0.6

cpe:2.3:a:plone:plone:5.0.6
Plone » Plone » Version: 5.0.7

cpe:2.3:a:plone:plone:5.0.7
Plone » Plone » Version: 5.0.8

cpe:2.3:a:plone:plone:5.0.8
Plone » Plone » Version: 5.0.9

cpe:2.3:a:plone:plone:5.0.9
Plone » Plone » Version: 5.1

cpe:2.3:a:plone:plone:5.1
Plone » Plone » Version: 5.1.1

cpe:2.3:a:plone:plone:5.1.1
Plone » Plone » Version: 5.1.2

cpe:2.3:a:plone:plone:5.1.2
Plone » Plone » Version: 5.1.3

cpe:2.3:a:plone:plone:5.1.3
Plone » Plone » Version: 5.1.4

cpe:2.3:a:plone:plone:5.1.4
Plone » Plone » Version: 5.1.5

cpe:2.3:a:plone:plone:5.1.5
Plone » Plone » Version: 5.1.6

cpe:2.3:a:plone:plone:5.1.6
Plone » Plone » Version: 5.1.7

cpe:2.3:a:plone:plone:5.1.7
Plone » Plone » Version: 5.1a1

cpe:2.3:a:plone:plone:5.1a1
Plone » Plone » Version: 5.1a2

cpe:2.3:a:plone:plone:5.1a2
Plone » Plone » Version: 5.1b2

cpe:2.3:a:plone:plone:5.1b2
Plone » Plone » Version: 5.1b3

cpe:2.3:a:plone:plone:5.1b3
Plone » Plone » Version: 5.1b4

cpe:2.3:a:plone:plone:5.1b4
Plone » Plone » Version: 5.1rc1

cpe:2.3:a:plone:plone:5.1rc1
Plone » Plone » Version: 5.1rc2

cpe:2.3:a:plone:plone:5.1rc2
Plone » Plone » Version: 5.2

cpe:2.3:a:plone:plone:5.2
Plone » Plone » Version: 5.2.0

cpe:2.3:a:plone:plone:5.2.0
Plone » Plone » Version: 5.2.1

cpe:2.3:a:plone:plone:5.2.1
Plone » Plone » Version: 5.2.2

cpe:2.3:a:plone:plone:5.2.2
Plone » Plone » Version: 5.2.3

cpe:2.3:a:plone:plone:5.2.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-3313

Products

Pricing

Contact Us