Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2016-7147

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in the managefindResult component in the search feature in Zope ZMI in Plone before 4.3.12 and 5.x before 5.0.7 allows...

6.1CVSS6.2AI score0.01342EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2017/02/18 12:0 a.m.70 views

Plone 5.0.5 Cross Site Scripting

Security Advisory - Curesec Research Team 1. Introduction Affected Product: Plone 5.0.5 Fixed in: Hotfix 20170117 Fixed Version Link: https://plone.org/security/hotfix/20170117 Vendor Contact: [email protected] Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 09/05/2016...

6.3AI score0.01342EPSS
Exploits1
NVD
NVD
added 2017/02/04 5:59 a.m.25 views

CVE-2016-7147

Cross-site scripting XSS vulnerability in the managefindResult component in the search feature in Zope ZMI in Plone before 4.3.12 and 5.x before 5.0.7 allows remote attackers to inject arbitrary web script or HTML via vectors involving double quotes, as demonstrated by the objids:tokens parameter...

6.1CVSS6.1AI score0.01342EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2017/02/04 5:59 a.m.25 views

CVE-2016-7147

Cross-site scripting XSS vulnerability in the managefindResult component in the search feature in Zope ZMI in Plone before 4.3.12 and 5.x before 5.0.7 allows remote attackers to inject arbitrary web script or HTML via vectors involving double quotes, as demonstrated by the objids:tokens parameter...

6.1CVSS6.5AI score0.01342EPSS
Exploits1References5
OSV
OSV
added 2017/02/04 5:59 a.m.23 views

CVE-2016-7147

Cross-site scripting XSS vulnerability in the managefindResult component in the search feature in Zope ZMI in Plone before 4.3.12 and 5.x before 5.0.7 allows remote attackers to inject arbitrary web script or HTML via vectors involving double quotes, as demonstrated by the objids:tokens parameter...

6.1CVSS6.1AI score
Exploits0References4
CVE
CVE
added 2017/02/04 5:20 a.m.61 views

CVE-2016-7147

CVE-2016-7147 is an XSS in the manage_findResult component of the Zope ZMI search for Plone: Plone 4.x (before 4.3.12) and Plone 5.x (before 5.0.7) are affected. The issue stems from an incomplete fix for CVE-2016-7140 and allows remote attackers to inject arbitrary script/HTML via obj_ids:tokens...

6.1CVSS5.9AI score0.01342EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2017/02/04 5:20 a.m.24 views

CVE-2016-7147

Cross-site scripting XSS vulnerability in the managefindResult component in the search feature in Zope ZMI in Plone before 4.3.12 and 5.x before 5.0.7 allows remote attackers to inject arbitrary web script or HTML via vectors involving double quotes, as demonstrated by the objids:tokens parameter...

6.1AI score0.01342EPSS
Exploits1References4
Rows per page
Query Builder