You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We are writing to you from INCIBE (https://www.incibe.es), the National Institute of Cybersecurity of Spain, about a vulnerability reported by an external researcher in one of your products.
Note that this report is not about an incident, nobody is exploiting the vulnerability. Simply, from INCIBE we take care of managing the CVE report, documentation and publication, in coordination with the affected parties.
The Draft is not specific enough for us to act on, it states a module, but not which module. Modules are also made by other developers, and we cannot fix those.
if a module is created to achieve this, this is not a pluck issue. Please provide more information via email so we can look in to this.
Dear PluckCMS team,
We are writing to you from INCIBE (https://www.incibe.es), the National Institute of Cybersecurity of Spain, about a vulnerability reported by an external researcher in one of your products.
We participate in the CVE Program as a CNA Root (https://www.cve.org/ProgramOrganization/Structure) , which enables us to assign and publish CVE codes.
Note that this report is not about an incident, nobody is exploiting the vulnerability. Simply, from INCIBE we take care of managing the CVE report, documentation and publication, in coordination with the affected parties.
As established in our disclosure policy (https://www.incibe.es/en/incibe-cert/early-warning/vulnerabilities/cve-assignment-publication), we are going to make this vulnerability public by the 9th of April.
If you want to provide an email, we will send you the vulnerability draft.
Thank you very much and kind regards,
The text was updated successfully, but these errors were encountered: