4.3
CVSSv3

CVE-2021-33510

Published: 21/05/2021 Updated: 24/05/2021
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 4.3 | Impact Score: 1.4 | Exploitability Score: 2.8
VMScore: 356
Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

Vulnerability Summary

Plone up to and including 5.2.4 allows remote authenticated managers to conduct SSRF attacks via an event ical URL, to read one line of a file.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

plone plone

Mailing Lists

CVE numbers inline below Thanks On 21/05/2021 16:07, Maurits van Rees wrote: CVE-2021-33509 CVE-2021-33512 CVE-2021-33507 CVE-2021-33513 CVE-2021-33508 issued, but I forgot that the original reporter already reserved CVE-2021-3313 which is public now with his report My bad CVE-2021-33510 CVE-2021-33511 -- Maurits van Re ...