Description

Cross-site scripting (XSS) vulnerability in kssdevel.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2012-5490

Related Vulnerabilities

Oracle JRE CVE-2018-2634 Vulnerability (CVE-2018-2634)

PHP-Fusion URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-23182)

Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-9554)

WordPress Plugin WP Reroute Email Cross-Site Scripting (1.4.9)

WordPress Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2017-8295)

Severity

Medium

Classification

CVE-2012-5490 CWE-707

Tags

Missing Update Known Vulnerabilities