Security Advisory
CVE-2020-7939
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
SQL Injection in DTML or in connection objects in Plone 4.0 through 5.2.1 allows users to perform unwanted SQL queries. (This is a problem in Zope.)