VYPR

Volto

by Plone (software)

Source repositories

CVEs (3)

  • CVE-2025-61668HigOct 2, 2025
    risk 0.50cvss epss 0.00

    Volto is a ReactJS-based frontend for the Plone Content Management System. Versions 16.34.0 and below, 17.0.0 through 17.22.1, 18.0.0 through 18.27.1, and 19.0.0-alpha.1 through 19.0.0-alpha.5, an anonymous user could cause the NodeJS server part of Volto to quit with an error…

  • CVE-2025-58047HigAug 28, 2025
    risk 0.42cvss 7.5epss 0.01

    Volto is a React based frontend for the Plone Content Management System. In versions from 19.0.0-alpha.1 to before 19.0.0-alpha.4, 18.0.0 to before 18.24.0, 17.0.0 to before 17.22.1, and prior to 16.34.0, an anonymous user could cause the NodeJS server part of Volto to quit with…

  • CVE-2022-24740Mar 14, 2022
    risk 0.00cvss epss 0.01

    Volto is a ReactJS-based frontend for the Plone Content Management System. Between versions 14.0.0-alpha.5 and 15.0.0-alpha.0, a user could have their authentication cookie replaced with an authentication cookie from another user, effectively giving them control of the other…