Plone CMS Cross-Frame Scripting Vulnerability

Plone CMS Cross-Frame Scripting Vulnerability

CVE-2024-0669 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

A Cross-Frame Scripting vulnerability has been found on Plone CMS affecting verssion below 6.0.5. An attacker could store a malicious URL to be opened by an administrator and execute a malicios iframe element.

Learn more about our Cis Benchmark Audit For Apple Ios.