Lucene search
K

7 matches found

Veracode
Veracode
added 2019/11/26 3:46 a.m.13 views

Cross-Site Scripting (XSS)

Zope 2 is vulnerable to cross-site scripting XSS. The vulnerability is due to an incomplete fix of CVE-2010-1104, which fails to sanitize the default standard error message errormessage parameter, allowing an attacker to inject an arbitrary script through it...

6.1CVSS2.8AI score0.0195EPSS
Exploits0References11Affected Software1
Prion
Prion
added 2019/11/25 6:15 p.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3, 3.1.1 through 3.4.1. allows remote attackers to inject arbitrary web script or HTML via vectors related to the way error messages perform...

4.3CVSS6AI score0.0195EPSS
Exploits0References7Affected Software1
Oracle linux
Oracle linux
added 2012/03/01 12:0 a.m.42 views

conga security, bug fix, and enhancement update

0.12.2-51.0.1.el5 - Added conga-enterprise.patch - Added conga-enterprise-Carthage.patch to support OEL5 - Replaced redhat logo image in conga-0.12.2.tar.gz 0.12.2-51 - Fix bz711494 CVE-2011-1948 plone: reflected XSS vulnerability - Fix bz771920 CVE-2011-4924 Zope: Incomplete upstream patch for...

4.3CVSS0.3AI score0.02367EPSS
Exploits0
NVD
NVD
added 2010/03/25 5:30 p.m.14 views

CVE-2010-1104

Cross-site scripting XSS vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3 allows remote attackers to inject arbitrary web script or HTML via vectors related to error messages...

4.3CVSS5.9AI score0.0195EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2010/03/25 5:30 p.m.27 views

CVE-2010-1104

Cross-site scripting XSS vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3 allows remote attackers to inject arbitrary web script or HTML via vectors related to error messages...

4.3CVSS6.5AI score0.0195EPSS
Exploits0References2
CVE
CVE
added 2010/03/25 5:0 p.m.108 views

CVE-2010-1104

CVE-2010-1104 is an XSS vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3.** The issue arises from how error messages are sanitized, allowing remote attackers to inject arbitrary web script or HTML via those error...

4.3CVSS5.8AI score0.0195EPSS
Exploits0References6Affected Software1
OpenVAS
OpenVAS
added 2010/01/20 12:0 a.m.27 views

Zope XSS Vulnerability (Jan 2010)

Zope is prone to a cross-site scripting XSS vulnerability because the application fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

4.3CVSS5.9AI score0.0195EPSS
Exploits0References2
Rows per page
Query Builder