Lucene search
PRIOn knowledge basePRION:CVE-2016-7138HistoryMar 07, 2017 - 4:59 p.m.
Cross site scripting
2017-03-0716:59:00
PRIOn knowledge base
www.prio-n.com
9
Cross-site scripting (XSS) vulnerability in the URL checking infrastructure in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
References
packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html
seclists.org/fulldisclosure/2016/Oct/80
www.openwall.com/lists/oss-security/2016/09/05/4
www.openwall.com/lists/oss-security/2016/09/05/5
www.securityfocus.com/archive/1/539572/100/0/threaded
www.securityfocus.com/bid/92752
plone.org/security/hotfix/20160830/non-persistent-xss-in-plone-1
Related
nvd
nvd
CVE-2016-7138
2017-03-07 16:59:01
osv
osv
redhatcve
redhatcve
CVE-2016-7138
2016-09-06 10:18:43
github
github
Plone XSS
2022-05-14 02:45:59
cvelist
cvelist
CVE-2016-7138
2017-03-07 16:00:00
cve
cve
CVE-2016-7138
2017-03-07 16:59:01
packetstorm
packetstorm
Plone CMS 4.3.11 / 5.0.6 XSS / Traversal / Open Redirection
2016-10-12 00:00:00
openvas
openvas
Plone CMS < 4.3.12, 5.x < 5.0.7 Multiple Vulnerabilities
2016-10-31 00:00:00
nessus
nessus
RHEL 5 : conga (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 5 : plone (Unpatched Vulnerability)
2024-05-11 00:00:00