
Multiple Plone Cross-Site Scripting Vulnerabilities


Plone is a free and open source content management system, and is ranked among the top 2% of all open source projects worldwide. More than 350 solution providers in more than 100 countries currently support it. The project has been actively developed since 2001, is available in more than 40 languages, and has the best security track record of any major CMS. Its users include the Federal Bureau of Investigation (FBI), the Central Intelligence Agency (CIA), the Intellectual Property Rights Center, and so on.

Earlier this year, FortiGuard Labs discovered two cross-site scripting (XSS) vulnerabilities and one cross-site request forgery (CSRF) vulnerability affecting Plone versions from 2.5.5 to 5.1rc1. The first cross-site scripting (XSS) vulnerability exists in the Plone login process and only works in conjunction with the CSRF issue, so Plone has addressed them together in their recent update. The second XSS vulnerability is caused...(continued)
