3 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-1000482
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A member of the Plone 2.5-5.1rc1 site could set javascript in the homepage property of his profile, and have this executed when a visitor click the home page li...
CVE-2017-1000482
A member of the Plone 2.5-5.1rc1 site could set javascript in the homepage property of his profile, and have this executed when a visitor click the home page link on the author page...
CVE-2017-1000482
CVE-2017-1000482 affects Plone 2.5–5.1rc1. An attacker could inject JavaScript into the home_page property of a user’s profile, causing script execution when a visitor clicks the home page link on the author page. Root cause: storing executable JS in the home_page field. Impact reported as XSS to...