Not Just FBI, Other websites using Plone CMS are vulnerable to 0-day Exploit.
41 plus ones
Shared publicly•View activity
- I stopped using Zope and Plone more than ten years ago, because the dev community literally ate itself. While both Zope and Plone were initially open source, far too many of the devs there jumped onto the proprietary cms train, and deliberately put hooks into the os releasing so many different forks and variants that I gave up trying trying to maintain my websites using either Plone or Zope.
Both Plone and Zope are very attractive though because they provide an elegant aesthetically pleasing interface that is tremendously easy to use, and to maintain content for. The os in the back end though, is pretty opposite of that. So, in a nutshell, easy for the users, easy for the cms administrator, not so easy for the IS guy that has to integrate, update, and maintain all of that.
In 2006 I returned to using Apache, along with Wordpress (which isn't particularly secure either, right our of the box) as my standard webdev platform. At least Wordpress remains committed to being open source and maintains good working documentation on its internal construction making it easy for me to tweak bits and pieces on my websites to foil, deflect, or deter hacks.21w
- Have you checked out nginx (in comparison to apache)? Tighter, smaller, simpler... funner :-)20w
- Sounds like a honey pot hit to me.20w