Medium Severity Vulnerabilities

Vulnerability Name	CVE CWE	CWE	Severity
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33507)	CVE-2021-33507 CWE-707	CWE-707	Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33508)	CVE-2021-33508 CWE-707	CWE-707	Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33512)	CVE-2021-33512 CWE-707	CWE-707	Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33513)	CVE-2021-33513 CWE-707	CWE-707	Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35959)	CVE-2021-35959 CWE-707	CWE-707	Medium
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23599)	CVE-2022-23599 CWE-707	CWE-707	Medium
Plone CMS Other Vulnerability (CVE-2006-1711)	CVE-2006-1711		Medium
Plone CMS Other Vulnerability (CVE-2006-4247)	CVE-2006-4247		Medium
Plone CMS Other Vulnerability (CVE-2006-4249)	CVE-2006-4249		Medium
Plone CMS Other Vulnerability (CVE-2012-5486)	CVE-2012-5486		Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1950)	CVE-2011-1950 CWE-264	CWE-264	Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5489)	CVE-2012-5489 CWE-264	CWE-264	Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5498)	CVE-2012-5498 CWE-264	CWE-264	Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5501)	CVE-2012-5501 CWE-264	CWE-264	Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4191)	CVE-2013-4191 CWE-264	CWE-264	Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4193)	CVE-2013-4193 CWE-264	CWE-264	Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4196)	CVE-2013-4196 CWE-264	CWE-264	Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4198)	CVE-2013-4198 CWE-264	CWE-264	Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4200)	CVE-2013-4200 CWE-264	CWE-264	Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-7061)	CVE-2013-7061 CWE-264	CWE-264	Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-7317)	CVE-2015-7317 CWE-264	CWE-264	Medium
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-4043)	CVE-2016-4043 CWE-264	CWE-264	Medium
Plone CMS Resource Management Errors Vulnerability (CVE-2012-5496)	CVE-2012-5496		Medium
Plone CMS Resource Management Errors Vulnerability (CVE-2012-5499)	CVE-2012-5499		Medium
Plone CMS Resource Management Errors Vulnerability (CVE-2012-5506)	CVE-2012-5506		Medium
Plone CMS Resource Management Errors Vulnerability (CVE-2013-4188)	CVE-2013-4188		Medium
Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-33510)	CVE-2021-33510 CWE-918	CWE-918	Medium
Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2016-7137)	CVE-2016-7137 CWE-601	CWE-601	Medium
Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-1000481)	CVE-2017-1000481 CWE-601	CWE-601	Medium
Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-1000484)	CVE-2017-1000484 CWE-601	CWE-601	Medium
Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-7936)	CVE-2020-7936 CWE-601	CWE-601	Medium
Plone CMS Use of Externally-Controlled Format String Vulnerability (CVE-2017-5524)	CVE-2017-5524 CWE-134	CWE-134	Medium
Plupload Cross-site Scripting (XSS) Vulnerability (CVE-2016-4566)	CVE-2016-4566		Medium
PmWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4662)	CVE-2010-4662 CWE-707	CWE-707	Medium
PmWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4748)	CVE-2010-4748 CWE-707	CWE-707	Medium
PmWiki Other Vulnerability (CVE-2005-3849)	CVE-2005-3849		Medium
PmWiki Other Vulnerability (CVE-2006-2840)	CVE-2006-2840		Medium
PmWiki Other Vulnerability (CVE-2006-4453)	CVE-2006-4453		Medium
Podcast Generator Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20121)	CVE-2018-20121 CWE-707	CWE-707	Medium
PostgreSQL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2014-0062)	CVE-2014-0062 CWE-362	CWE-362	Medium
PostgreSQL Cryptographic Issues Vulnerability (CVE-2009-4034)	CVE-2009-4034		Medium
PostgreSQL Cryptographic Issues Vulnerability (CVE-2011-2483)	CVE-2011-2483		Medium
PostgreSQL Cryptographic Issues Vulnerability (CVE-2012-2143)	CVE-2012-2143		Medium
PostgreSQL CVE-2009-3229 Vulnerability (CVE-2009-3229)	CVE-2009-3229		Medium
PostgreSQL CVE-2021-3677 Vulnerability (CVE-2021-3677)	CVE-2021-3677		Medium
PostgreSQL CVE-2021-32029 Vulnerability (CVE-2021-32029)	CVE-2021-32029		Medium
PostgreSQL CVE-2023-2455 Vulnerability (CVE-2023-2455)	CVE-2023-2455		Medium
PostgreSQL CVE-2023-5868 Vulnerability (CVE-2023-5868)	CVE-2023-5868		Medium
PostgreSQL CVE-2023-5870 Vulnerability (CVE-2023-5870)	CVE-2023-5870		Medium
PostgreSQL CVE-2023-39418 Vulnerability (CVE-2023-39418)	CVE-2023-39418		Medium
PostgreSQL CVE-2024-10976 Vulnerability (CVE-2024-10976)	CVE-2024-10976		Medium
PostgreSQL CVE-2024-10978 Vulnerability (CVE-2024-10978)	CVE-2024-10978		Medium
PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5288)	CVE-2015-5288 CWE-200	CWE-200	Medium
PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-15099)	CVE-2017-15099 CWE-200	CWE-200	Medium
PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1052)	CVE-2018-1052 CWE-200	CWE-200	Medium
PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-32028)	CVE-2021-32028 CWE-200	CWE-200	Medium
PostgreSQL Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2014-8161)	CVE-2014-8161 CWE-209	CWE-209	Medium
PostgreSQL Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2021-3393)	CVE-2021-3393 CWE-209	CWE-209	Medium
PostgreSQL Improper Access Control Vulnerability (CVE-2019-10130)	CVE-2019-10130 CWE-284	CWE-284	Medium
PostgreSQL Improper Authentication Vulnerability (CVE-2009-3231)	CVE-2009-3231 CWE-287	CWE-287	Medium
PostgreSQL Improper Certificate Validation Vulnerability (CVE-2012-0867)	CVE-2012-0867 CWE-295	CWE-295	Medium
PostgreSQL Improper Certificate Validation Vulnerability (CVE-2021-43767)	CVE-2021-43767 CWE-295	CWE-295	Medium
PostgreSQL Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2005-0227)	CVE-2005-0227 CWE-94	CWE-94	Medium
PostgreSQL Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2013-1899)	CVE-2013-1899 CWE-94	CWE-94	Medium
PostgreSQL Improper Input Validation Vulnerability (CVE-2012-3489)	CVE-2012-3489 CWE-20	CWE-20	Medium
PostgreSQL Improper Input Validation Vulnerability (CVE-2013-0255)	CVE-2013-0255 CWE-20	CWE-20	Medium
PostgreSQL Improper Input Validation Vulnerability (CVE-2014-0066)	CVE-2014-0066 CWE-20	CWE-20	Medium
PostgreSQL Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2017-12172)	CVE-2017-12172 CWE-59	CWE-59	Medium
PostgreSQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-0868)	CVE-2012-0868 CWE-138	CWE-138	Medium
PostgreSQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2002-1401)	CVE-2002-1401 CWE-119	CWE-119	Medium
PostgreSQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2005-0247)	CVE-2005-0247 CWE-119	CWE-119	Medium
PostgreSQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-0063)	CVE-2014-0063 CWE-119	CWE-119	Medium
PostgreSQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-0065)	CVE-2014-0065 CWE-119	CWE-119	Medium
PostgreSQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-5289)	CVE-2015-5289 CWE-119	CWE-119	Medium
PostgreSQL Incorrect Authorization Vulnerability (CVE-2021-20229)	CVE-2021-20229 CWE-863	CWE-863	Medium

Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33507)

CVE-2021-33507

CWE-707

Medium

Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33508)

CVE-2021-33508

CWE-707

Medium

Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33512)

CVE-2021-33512

CWE-707

Medium

Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33513)

CVE-2021-33513

CWE-707

Medium

Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35959)

CVE-2021-35959

CWE-707

Medium

Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23599)

CVE-2022-23599

CWE-707

Medium

Plone CMS Other Vulnerability (CVE-2006-1711)

CVE-2006-1711

Medium

Plone CMS Other Vulnerability (CVE-2006-4247)

CVE-2006-4247

Medium

Plone CMS Other Vulnerability (CVE-2006-4249)

CVE-2006-4249

Medium

Plone CMS Other Vulnerability (CVE-2012-5486)

CVE-2012-5486

Medium

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1950)

CVE-2011-1950

CWE-264

Medium

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5489)

CVE-2012-5489

CWE-264

Medium

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5498)

CVE-2012-5498

CWE-264

Medium

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5501)

CVE-2012-5501

CWE-264

Medium

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4191)

CVE-2013-4191

CWE-264

Medium

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4193)

CVE-2013-4193

CWE-264

Medium

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4196)

CVE-2013-4196

CWE-264

Medium

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4198)

CVE-2013-4198

CWE-264

Medium

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4200)

CVE-2013-4200

CWE-264

Medium

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-7061)

CVE-2013-7061

CWE-264

Medium

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-7317)

CVE-2015-7317

CWE-264

Medium

Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-4043)

CVE-2016-4043

CWE-264

Medium

Plone CMS Resource Management Errors Vulnerability (CVE-2012-5496)

CVE-2012-5496

Medium

Plone CMS Resource Management Errors Vulnerability (CVE-2012-5499)

CVE-2012-5499

Medium

Plone CMS Resource Management Errors Vulnerability (CVE-2012-5506)

CVE-2012-5506

Medium

Plone CMS Resource Management Errors Vulnerability (CVE-2013-4188)

CVE-2013-4188

Medium

Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-33510)

CVE-2021-33510

CWE-918

Medium

Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2016-7137)

CVE-2016-7137

CWE-601

Medium

Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-1000481)

CVE-2017-1000481

CWE-601

Medium

Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-1000484)

CVE-2017-1000484

CWE-601

Medium

Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-7936)

CVE-2020-7936

CWE-601

Medium

Plone CMS Use of Externally-Controlled Format String Vulnerability (CVE-2017-5524)

CVE-2017-5524

CWE-134

Medium

Plupload Cross-site Scripting (XSS) Vulnerability (CVE-2016-4566)

CVE-2016-4566

Medium

PmWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4662)

CVE-2010-4662

CWE-707

Medium

PmWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4748)

CVE-2010-4748

CWE-707

Medium

PmWiki Other Vulnerability (CVE-2005-3849)

CVE-2005-3849

Medium

PmWiki Other Vulnerability (CVE-2006-2840)

CVE-2006-2840

Medium

PmWiki Other Vulnerability (CVE-2006-4453)

CVE-2006-4453

Medium

Podcast Generator Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20121)

CVE-2018-20121

CWE-707

Medium

PostgreSQL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2014-0062)

CVE-2014-0062

CWE-362

Medium

PostgreSQL Cryptographic Issues Vulnerability (CVE-2009-4034)

CVE-2009-4034

Medium

PostgreSQL Cryptographic Issues Vulnerability (CVE-2011-2483)

CVE-2011-2483

Medium

PostgreSQL Cryptographic Issues Vulnerability (CVE-2012-2143)

CVE-2012-2143

Medium

PostgreSQL CVE-2009-3229 Vulnerability (CVE-2009-3229)

CVE-2009-3229

Medium

PostgreSQL CVE-2021-3677 Vulnerability (CVE-2021-3677)

CVE-2021-3677

Medium

PostgreSQL CVE-2021-32029 Vulnerability (CVE-2021-32029)

CVE-2021-32029

Medium

PostgreSQL CVE-2023-2455 Vulnerability (CVE-2023-2455)

CVE-2023-2455

Medium

PostgreSQL CVE-2023-5868 Vulnerability (CVE-2023-5868)

CVE-2023-5868

Medium

PostgreSQL CVE-2023-5870 Vulnerability (CVE-2023-5870)

CVE-2023-5870

Medium

PostgreSQL CVE-2023-39418 Vulnerability (CVE-2023-39418)

CVE-2023-39418

Medium

PostgreSQL CVE-2024-10976 Vulnerability (CVE-2024-10976)

CVE-2024-10976

Medium

PostgreSQL CVE-2024-10978 Vulnerability (CVE-2024-10978)

CVE-2024-10978

Medium

PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5288)

CVE-2015-5288

CWE-200

Medium

PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-15099)

CVE-2017-15099

CWE-200

Medium

PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1052)

CVE-2018-1052

CWE-200

Medium

PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-32028)

CVE-2021-32028

CWE-200

Medium

PostgreSQL Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2014-8161)

CVE-2014-8161

CWE-209

Medium

PostgreSQL Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2021-3393)

CVE-2021-3393

CWE-209

Medium

PostgreSQL Improper Access Control Vulnerability (CVE-2019-10130)

CVE-2019-10130

CWE-284

Medium

PostgreSQL Improper Authentication Vulnerability (CVE-2009-3231)

CVE-2009-3231

CWE-287

Medium

PostgreSQL Improper Certificate Validation Vulnerability (CVE-2012-0867)

CVE-2012-0867

CWE-295

Medium

PostgreSQL Improper Certificate Validation Vulnerability (CVE-2021-43767)

CVE-2021-43767

CWE-295

Medium

PostgreSQL Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2005-0227)

CVE-2005-0227

CWE-94

Medium

PostgreSQL Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2013-1899)

CVE-2013-1899

CWE-94

Medium

PostgreSQL Improper Input Validation Vulnerability (CVE-2012-3489)

CVE-2012-3489

CWE-20

Medium

PostgreSQL Improper Input Validation Vulnerability (CVE-2013-0255)

CVE-2013-0255

CWE-20

Medium

PostgreSQL Improper Input Validation Vulnerability (CVE-2014-0066)

CVE-2014-0066

CWE-20

Medium

PostgreSQL Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2017-12172)

CVE-2017-12172

CWE-59

Medium

PostgreSQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-0868)

CVE-2012-0868

CWE-138

Medium

PostgreSQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2002-1401)

CVE-2002-1401

CWE-119

Medium

PostgreSQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2005-0247)

CVE-2005-0247

CWE-119

Medium

PostgreSQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-0063)

CVE-2014-0063

CWE-119

Medium

PostgreSQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-0065)

CVE-2014-0065

CWE-119

Medium

PostgreSQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-5289)

CVE-2015-5289

CWE-119

Medium

PostgreSQL Incorrect Authorization Vulnerability (CVE-2021-20229)

CVE-2021-20229

CWE-863

Medium

Severity

Vulnerability Categories

Still Have Questions?

Take action and discover your vulnerabilities