5 matches found
CVE-2023-44389
Zope is an open-source web application server. The title property, available on most Zope objects, can be used to store script code that is executed while viewing the affected object in the Zope Management Interface ZMI. All versions of Zope 4 and Zope 5 are affected. Patches will be released wit...
CVE-2023-44389
creationtimestamp| type| source ---|---|--- 2023-10-05 00:13:42+00:00| seen| https://t.me/cibsecurity/71647...
CVE-2023-44389
Zope (Zope 4 and Zope 5) is affected by a stored XSS via the title property in the ZMI. The vulnerability arises because the title value can execute script code when viewed, with the issue mapped to the Zope management interface (ZMI). All versions are affected until patches are released in Zope ...
CVE-2023-44389 Zope management interface vulnerable to stored cross site scripting via the title property
Zope is an open-source web application server. The title property, available on most Zope objects, can be used to store script code that is executed while viewing the affected object in the Zope Management Interface ZMI. All versions of Zope 4 and Zope 5 are affected. Patches will be released wit...
dsframework (>=0.1.9 <=0.1.12) potentially affected by CVE-2023-44389 via zope (=5.2.0)
zope PYPI version =5.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on zope and may be impacted: - dsframework =0.1.9, =0.1.12 Source cves: CVE-2023-44389 Source advisory: OSV:GHSA-M755-GXXG-R5QH...