Plone XSS

🗓️ 14 May 2022 02:45:59Reported by GitHub Advisory DatabaseType

Plone CMS XSS vulnerability in URL checkin

Reporter	Title	Published	Views	Family All 15
CNVD	plone reflective cross-site scripting vulnerability (CNVD-2016-07280)	6 Sep 201600:00	–	cnvd
CVE	CVE-2016-7138	7 Mar 201716:00	–	cve
Cvelist	CVE-2016-7138	7 Mar 201716:00	–	cvelist
EUVD	EUVD-2017-0094	7 Oct 202500:30	–	euvd
NVD	CVE-2016-7138	7 Mar 201716:59	–	nvd
OpenVAS	Plone CMS < 4.3.12, 5.x < 5.0.7 Multiple Vulnerabilities	31 Oct 201600:00	–	openvas
OSV	GHSA-V3HP-F8QR-CF3P Plone XSS	14 May 202202:45	–	osv
OSV	PYSEC-2017-61	7 Mar 201716:59	–	osv
Packet Storm	Plone CMS 4.3.11 / 5.0.6 XSS / Traversal / Open Redirection	12 Oct 201600:00	–	packetstorm
Prion	Cross site scripting	7 Mar 201716:59	–	prion

Vulners

Node

plone ploneRange3.3.0–3.3.6pip

plone ploneRange4.0.0–4.3.11pip

plone ploneRange5.0.0–5.0.6pip

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2016-7138
plone	www.plone.org/security/hotfix/20160830/non-persistent-xss-in-plone-1
packetstormsecurity	www.packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html
seclists	www.seclists.org/fulldisclosure/2016/Oct/80
openwall	www.openwall.com/lists/oss-security/2016/09/05/4
openwall	www.openwall.com/lists/oss-security/2016/09/05/5
web	www.web.archive.org/web/20210625091607/http://www.securityfocus.com/bid/92752
web	www.web.archive.org/web/20210625092107/http://www.securityfocus.com/archive/1/539572/100/0/threaded
github	www.github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-61.yaml
securityfocus	www.securityfocus.com/archive/1/539572/100/0/threaded

18 Oct 2024 21:40Current

5.8Medium risk

Vulners AI Score5.8

CVSS 24.3

CVSS 36.1

EPSS0.00491