Lucene search
GoogleOSV:PYSEC-2017-59HistoryMar 07, 2017 - 4:59 p.m.
PYSEC-2017-59
2017-03-0716:59:00
Google
osv.dev
8
0.003 Low
EPSS
Percentile
71.9%
z3c.form in Plone CMS 5.x through 5.0.6 and 4.x through 4.3.11 allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted GET request.
References
packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html
seclists.org/fulldisclosure/2016/Oct/80
www.openwall.com/lists/oss-security/2016/09/05/4
www.openwall.com/lists/oss-security/2016/09/05/5
www.securityfocus.com/archive/1/539572/100/0/threaded
www.securityfocus.com/bid/92752
plone.org/security/hotfix/20160830/non-persistent-xss-in-plone-forms
Related
cvelist
cvelist
CVE-2016-7136
2017-03-07 16:00:00
nvd
nvd
CVE-2016-7136
2017-03-07 16:59:00
osv
osv
CVE-2016-7136
2017-03-07 16:59:00
Plone XSS
2022-05-14 02:46:11
github
github
Plone XSS
2022-05-14 02:46:11
prion
prion
Cross site scripting
2017-03-07 16:59:00
redhatcve
redhatcve
CVE-2016-7136
2016-09-06 09:48:37
cve
cve
CVE-2016-7136
2017-03-07 16:59:00
packetstorm
packetstorm
Plone CMS 4.3.11 / 5.0.6 XSS / Traversal / Open Redirection
2016-10-12 00:00:00
openvas
openvas
Plone CMS < 4.3.12, 5.x < 5.0.7 Multiple Vulnerabilities
2016-10-31 00:00:00
nessus
nessus
RHEL 5 : conga (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 5 : plone (Unpatched Vulnerability)
2024-05-11 00:00:00