Lucene search

K

GoogleOSV:GHSA-V3HP-F8QR-CF3P

HistoryMay 14, 2022 - 2:45 a.m.

Plone XSS

2022-05-1402:45:59

Google

osv.dev

4

0.002 Low

EPSS

Percentile

64.9%

Cross-site scripting (XSS) vulnerability in the URL checking infrastructure in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

CPENameOperatorVersion
ploneeq4.1.4
ploneeq5.0.2
ploneeq4.1.5
ploneeq4.3b1
ploneeq3.3
ploneeq4.3a2
ploneeq3.3.1
ploneeq4.0.10
ploneeq4.0.6
ploneeq4.1a2

Rows per page:

1-10 of 701

References

packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html

seclists.org/fulldisclosure/2016/Oct/80

www.openwall.com/lists/oss-security/2016/09/05/4

www.openwall.com/lists/oss-security/2016/09/05/5

github.com/plone/Plone

nvd.nist.gov/vuln/detail/CVE-2016-7138

plone.org/security/hotfix/20160830/non-persistent-xss-in-plone-1

web.archive.org/web/20210625091607/www.securityfocus.com/bid/92752

web.archive.org/web/20210625092107/www.securityfocus.com/archive/1/539572/100/0/threaded

0.002 Low

EPSS

Percentile

64.9%

Related for OSV:GHSA-V3HP-F8QR-CF3P

nvd1 prion1 cvelist1 osv2 redhatcve1 github1 cve1 packetstorm1 openvas1 nessus2