Lucene search
Veracode Vulnerability DatabaseVERACODE:23015HistoryApr 10, 2020 - 12:12 a.m.
Cross-site Scripting (XSS)
2020-04-1000:12:29
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
0.005 Low
EPSS
Percentile
76.1%
conga is vulnerable to cross-site scripting. The vulnerability exists as it uses Zope packages which was vulnerable to script injection.
| CPE | Name | Operator | Version |
|---|---|---|---|
| conga | eq | 0.8__30.el5 | |
| conga | eq | 0.8__30.el5 |
References
lists.suse.com/archive/suse-security-announce/2007-May/0005.html
secunia.com/advisories/24017
secunia.com/advisories/24713
secunia.com/advisories/25239
www.debian.org/security/2007/dsa-1275
www.securityfocus.com/bid/23084
www.vupen.com/english/advisories/2007/1041
www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view
access.redhat.com/errata/RHBA-2007:0331
exchange.xforce.ibmcloud.com/vulnerabilities/33187
Related
nessus
nessus
FreeBSD : zope -- XSS vulnerability (34414a1e-e377-11db-b8ab-000c76189c4c)
2007-04-10 00:00:00
openSUSE 10 Security Update : zope (zope-3346)
2007-10-17 00:00:00
Debian DSA-1275-1 : zope2.7 - XSS
2007-04-10 00:00:00
nvd
nvd
CVE-2007-0240
2007-03-22 18:19:00
openvas
openvas
FreeBSD Ports: zope
2008-09-04 00:00:00
Debian: Security Advisory (DSA-1275-1)
2008-01-17 00:00:00
FreeBSD Ports: zope
2008-09-04 00:00:00
cvelist
cvelist
CVE-2007-0240
2007-03-22 18:00:00
cve
cve
CVE-2007-0240
2007-03-22 18:19:00
prion
prion
Cross site scripting
2007-03-22 18:19:00
ubuntucve
ubuntucve
CVE-2007-0240
2007-03-22 00:00:00
debian
debian
[SECURITY] [DSA 1275-1] New zope2.7 packages fix cross-site scripting flaw
2007-04-02 23:24:41
[SECURITY] [DSA 1275-1] New zope2.7 packages fix cross-site scripting flaw
2007-04-02 23:24:41
freebsd
freebsd
zope -- cross-site scripting vulnerability
2007-01-16 00:00:00
securityvulns
securityvulns