4 matches found
Cross-Site Scripting (XSS)
collective.dms.basecontent is vulnerable to cross-site scripting. The vulnerability exists in the renderCell function of column.py due to missing escape characters which allows an attacker to inject and execute malicious JavaScript...
collective.dms.basecontent Cross-site Scripting vulnerability
A vulnerability, which was classified as problematic, has been found in collective.dms.basecontent. This issue affects the function renderCell of the file src/collective/dms/basecontent/browser/column.py. The manipulation leads to cross site scripting. The attack may be initiated remotely...
CVE-2022-4495
A vulnerability, which was classified as problematic, has been found in collective.dms.basecontent up to 1.6. This issue affects the function renderCell of the file src/collective/dms/basecontent/browser/column.py. The manipulation leads to cross site scripting. The attack may be initiated...
CVE-2022-4495
A vulnerability, which was classified as problematic, has been found in collective.dms.basecontent up to 1.6. This issue affects the function renderCell of the file src/collective/dms/basecontent/browser/column.py. The manipulation leads to cross site scripting. The attack may be initiated...