Описание
Cross-site scripting (XSS) vulnerability in Plone 4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Cluster Suite 4AS | conga | Will not fix | ||
| Red Hat Enterprise Linux 5 | conga | Affected | ||
| Red Hat Enterprise Linux 5 | conga | Fixed | RHSA-2012:0151 | 21.02.2012 |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-79
https://bugzilla.redhat.com/show_bug.cgi?id=711494plone: A reflected cross site scripting vulnerability
EPSS
Процентиль: 66%
0.00526
Низкий
4.3 Medium
CVSS2
Связанные уязвимости
ubuntu
около 14 лет назад
Cross-site scripting (XSS) vulnerability in Plone 4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
nvd
около 14 лет назад
Cross-site scripting (XSS) vulnerability in Plone 4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
debian
около 14 лет назад
Cross-site scripting (XSS) vulnerability in Plone 4.1 and earlier allo ...
CVSS3: 6.1
github
около 7 лет назад
Cross-site scripting in Products.CMFPlone and Products.PasswordResetTool
oracle-oval
больше 13 лет назад
ELSA-2012-0151: conga security, bug fix, and enhancement update (MODERATE)
EPSS
Процентиль: 66%
0.00526
Низкий
4.3 Medium
CVSS2