Lucene search
GoogleOSV:GHSA-H6HQ-C896-W882HistoryJul 23, 2018 - 9:01 p.m.
Low severity vulnerability that affects Plone
2018-07-2321:01:10
Google
osv.dev
5
0.001 Low
EPSS
Percentile
50.7%
Cross-site scripting (XSS) vulnerability in the safe_html filter in Products.PortalTransforms in Plone 2.1 through 4.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2010-2422.
References
osvdb.org/72728
plone.org/products/plone/security/advisories/CVE-2011-1949
secunia.com/advisories/44775
secunia.com/advisories/44776
securityreason.com/securityalert/8269
www.securityfocus.com/archive/1/518155/100/0/threaded
www.securityfocus.com/bid/48005
exchange.xforce.ibmcloud.com/vulnerabilities/67694
github.com/advisories/GHSA-h6hq-c896-w882
github.com/plone/Plone
nvd.nist.gov/vuln/detail/CVE-2011-1949
Related
cve
cve
CVE-2011-1949
2011-06-06 19:55:02
CVE-2010-2422
2022-10-03 16:21:08
nvd
nvd
CVE-2011-1949
2011-06-06 19:55:02
CVE-2010-2422
2010-06-24 12:17:44
osv
osv
PYSEC-2011-15
2011-06-06 19:55:00
PYSEC-2010-19
2010-06-24 12:17:00
Plone Cross-site Scripting vulnerability in PortalTransforms
2022-05-17 05:50:05
prion
prion
Cross site scripting
2011-06-06 19:55:00
Cross site scripting
2010-06-24 12:17:00
ubuntucve
ubuntucve
CVE-2011-1949
2011-06-06 00:00:00
cvelist
cvelist
CVE-2011-1949
2011-06-06 19:00:00
CVE-2010-2422
2022-10-03 16:21:08
github
github
Low severity vulnerability that affects Plone
2018-07-23 21:01:10
Plone Cross-site Scripting vulnerability in PortalTransforms
2022-05-17 05:50:05
veracode
veracode
Persistent Cross-site Scripting (XSS)
2017-01-03 06:14:03