2 matches found
CVE-2017-1000431
eZ Systems eZ Publish version 5.4.0 to 5.4.9, and 5.3.12 and older, is vulnerable to an XSS issue in the search module, resulting in a risk of attackers injecting scripts which may e.g. steal authentication credentials...
CVE-2017-1000431
CVE-2017-1000431 affects eZ Publish: versions 5.4.0–5.4.9 and 5.3.12 and older. The vulnerability is an XSS in the search module that could allow an attacker to inject scripts and potentially steal authentication credentials. The linked sources (e.g., ezpublish advisory and security pages) confir...