3 matches found
CVE-2022-23599
Summary (supported by provided documents): Plone installations using Products.ATContentTypes prior to version 3.0.6 are vulnerable to reflected cross-site scripting and open redirects when a compromised image_view_fullscreen page is cached (e.g., via Varnish). The issue is mitigated by upgrading ...
CVE-2022-23599 Cross-site Scripting and Open Redirect in Products.ATContentTypes
Products.ATContentTypes are the core content types for Plone 2.1 - 4.3. Versions of Plone that are dependent on Products.ATContentTypes prior to version 3.0.6 are vulnerable to reflected cross site scripting and open redirect when an attacker can get a compromised version of the imageviewfullscre...
CVE-2022-23599 Cross-site Scripting and Open Redirect in Products.ATContentTypes
Products.ATContentTypes are the core content types for Plone 2.1 - 4.3. Versions of Plone that are dependent on Products.ATContentTypes prior to version 3.0.6 are vulnerable to reflected cross site scripting and open redirect when an attacker can get a compromised version of the imageviewfullscre...