Описание
Cross-site scripting (XSS) vulnerability in PortalTransforms in Plone 2.1 through 3.3.4 before hotfix 20100612 allows remote attackers to inject arbitrary web script or HTML via the safe_html transform.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Cluster Suite 4AS | conga | Affected | ||
| Red Hat Enterprise Linux 5 | conga | Affected |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-79
https://bugzilla.redhat.com/show_bug.cgi?id=608098Plone: Cross-site scripting (XSS) vulnerability in PortalTransforms
4.9 Medium
CVSS2
Связанные уязвимости
nvd
больше 15 лет назад
Cross-site scripting (XSS) vulnerability in PortalTransforms in Plone 2.1 through 3.3.4 before hotfix 20100612 allows remote attackers to inject arbitrary web script or HTML via the safe_html transform.
debian
больше 15 лет назад
Cross-site scripting (XSS) vulnerability in PortalTransforms in Plone ...
CVSS3: 6.1
github
больше 3 лет назад
Plone Cross-site Scripting vulnerability in PortalTransforms
4.9 Medium
CVSS2