Lucene search
MitreCVELIST:CVE-2016-7138HistoryMar 07, 2017 - 4:00 p.m.
CVE-2016-7138
2017-03-0716:00:00
mitre
www.cve.org
1
0.002 Low
EPSS
Percentile
64.9%
Cross-site scripting (XSS) vulnerability in the URL checking infrastructure in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
References
packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html
seclists.org/fulldisclosure/2016/Oct/80
www.openwall.com/lists/oss-security/2016/09/05/4
www.openwall.com/lists/oss-security/2016/09/05/5
www.securityfocus.com/archive/1/539572/100/0/threaded
www.securityfocus.com/bid/92752
plone.org/security/hotfix/20160830/non-persistent-xss-in-plone-1
Related
nvd
nvd
CVE-2016-7138
2017-03-07 16:59:01
prion
prion
Cross site scripting
2017-03-07 16:59:00
osv
osv
redhatcve
redhatcve
CVE-2016-7138
2016-09-06 10:18:43
github
github
Plone XSS
2022-05-14 02:45:59
cve
cve
CVE-2016-7138
2017-03-07 16:59:01
packetstorm
packetstorm
Plone CMS 4.3.11 / 5.0.6 XSS / Traversal / Open Redirection
2016-10-12 00:00:00
openvas
openvas
Plone CMS < 4.3.12, 5.x < 5.0.7 Multiple Vulnerabilities
2016-10-31 00:00:00
nessus
nessus
RHEL 5 : conga (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 5 : plone (Unpatched Vulnerability)
2024-05-11 00:00:00