Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-0097

Malware in sbrugna...

6.1CVSS6.1AI score0.01342EPSS
Exploits1References11
OSV
OSV
added 2022/05/17 3:0 a.m.18 views

GHSA-84JM-CPC5-C7G7 Plone XSS in Zope ZMI

Cross-site scripting XSS vulnerability in the managefindResult component in the search feature in Zope ZMI in Plone before 4.3.12 and 5.x before 5.0.7 allows remote attackers to inject arbitrary web script or HTML via vectors involving double quotes, as demonstrated by the objids:tokens parameter...

6.1CVSS6AI score0.01342EPSS
Exploits1References7
Github Security Blog
Github Security Blog
added 2022/05/17 3:0 a.m.17 views

Plone XSS in Zope ZMI

Cross-site scripting XSS vulnerability in the managefindResult component in the search feature in Zope ZMI in Plone before 4.3.12 and 5.x before 5.0.7 allows remote attackers to inject arbitrary web script or HTML via vectors involving double quotes, as demonstrated by the objids:tokens parameter...

6.1CVSS6.1AI score0.01342EPSS
Exploits1References7Affected Software1
CNVD
CNVD
added 2017/02/07 12:0 a.m.3 views

Plone Incompletely Fixes Cross-Site Scripting Vulnerability

Plone is the United States Plone Foundation's set of free and open source content management system CMS built on Zope based on Python's open source object-oriented Web application server.Zope ZMI is one of the management interface. A cross-site scripting vulnerability exists in the managefindResu...

6.1CVSS6.1AI score0.01342EPSS
Exploits1References1
OSV
OSV
added 2017/02/04 5:59 a.m.18 views

CVE-2016-7147

Cross-site scripting XSS vulnerability in the managefindResult component in the search feature in Zope ZMI in Plone before 4.3.12 and 5.x before 5.0.7 allows remote attackers to inject arbitrary web script or HTML via vectors involving double quotes, as demonstrated by the objids:tokens parameter...

6.1CVSS6.1AI score
Exploits0References4
NVD
NVD
added 2017/02/04 5:59 a.m.25 views

CVE-2016-7147

Cross-site scripting XSS vulnerability in the managefindResult component in the search feature in Zope ZMI in Plone before 4.3.12 and 5.x before 5.0.7 allows remote attackers to inject arbitrary web script or HTML via vectors involving double quotes, as demonstrated by the objids:tokens parameter...

6.1CVSS6.1AI score0.01342EPSS
Exploits1References4
Prion
Prion
added 2017/02/04 5:59 a.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in the managefindResult component in the search feature in Zope ZMI in Plone before 4.3.12 and 5.x before 5.0.7 allows remote attackers to inject arbitrary web script or HTML via vectors involving double quotes, as demonstrated by the objids:tokens parameter...

4.3CVSS6AI score0.01575EPSS
Exploits3References4Affected Software1
OSV
OSV
added 2017/02/04 5:59 a.m.27 views

PYSEC-2017-64

Cross-site scripting XSS vulnerability in the managefindResult component in the search feature in Zope ZMI in Plone before 4.3.12 and 5.x before 5.0.7 allows remote attackers to inject arbitrary web script or HTML via vectors involving double quotes, as demonstrated by the objids:tokens parameter...

6.1CVSS3.9AI score0.01342EPSS
Exploits1References5
PyPA
PyPA
added 2017/02/04 5:59 a.m.7 views

PYSEC-2017-64

Cross-site scripting XSS vulnerability in the managefindResult component in the search feature in Zope ZMI in Plone before 4.3.12 and 5.x before 5.0.7 allows remote attackers to inject arbitrary web script or HTML via vectors involving double quotes, as demonstrated by the objids:tokens parameter...

6.1CVSS6.1AI score0.01575EPSS
Exploits3References5Affected Software1
CVE
CVE
added 2017/02/04 5:20 a.m.60 views

CVE-2016-7147

CVE-2016-7147 is an XSS in the manage_findResult component of the Zope ZMI search for Plone: Plone 4.x (before 4.3.12) and Plone 5.x (before 5.0.7) are affected. The issue stems from an incomplete fix for CVE-2016-7140 and allows remote attackers to inject arbitrary script/HTML via obj_ids:tokens...

6.1CVSS5.9AI score0.01342EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2017/02/04 5:20 a.m.23 views

CVE-2016-7147

Cross-site scripting XSS vulnerability in the managefindResult component in the search feature in Zope ZMI in Plone before 4.3.12 and 5.x before 5.0.7 allows remote attackers to inject arbitrary web script or HTML via vectors involving double quotes, as demonstrated by the objids:tokens parameter...

6.1AI score0.01342EPSS
Exploits1References4
Rows per page
Query Builder