Lucene search
GoogleOSV:GHSA-4793-W44W-M7XMHistoryMay 05, 2022 - 12:29 a.m.
Plone Zope cross-site scripting (XSS) vulnerability
2022-05-0500:29:17
Google
osv.dev
12
zope
cross-site scripting
xss
vulnerability
plone
remote attackers
web script
html
browser_id_manager
ofs.image
unspecified input
software
EPSS
0.003
Percentile
69.2%
Multiple cross-site scripting (XSS) vulnerabilities in Zope, as used in Plone 3.3.x through 3.3.6, 4.0.x through 4.0.9, 4.1.x through 4.1.6, 4.2.x through 4.2.7, and 4.3 through 4.3.2, allow remote attackers to inject arbitrary web script or HTML via unspecified input in the (1) browser_id_manager or (2) OFS.Image method.
References
seclists.org/oss-sec/2013/q4/467
seclists.org/oss-sec/2013/q4/485
exchange.xforce.ibmcloud.com/vulnerabilities/89623
exchange.xforce.ibmcloud.com/vulnerabilities/89627
github.com/plone/Plone
nvd.nist.gov/vuln/detail/CVE-2013-7062
plone.org/security/20131210/zope-xss-in-browseridmanager
plone.org/security/20131210/zope-xss-in-OFS
Related
prion
prion
Cross site scripting
2020-01-02 19:15:00
github
github
Plone Zope cross-site scripting (XSS) vulnerability
2022-05-05 00:29:17
ubuntucve
ubuntucve
CVE-2013-7062
2020-01-02 00:00:00
osv
osv
PYSEC-2020-218
2020-01-02 19:15:00
nvd
nvd
CVE-2013-7062
2020-01-02 19:15:12
cvelist
cvelist
CVE-2013-7062
2020-01-02 18:18:18
cve
cve
CVE-2013-7062
2020-01-02 19:15:12
nessus
nessus
RHEL 5 : conga (Unpatched Vulnerability)
2024-06-03 00:00:00