Description

Cross-site scripting (XSS) vulnerability in python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to "{u,}translate."

Remediation

References

CVE-2012-5494

Related Vulnerabilities

WordPress Plugin Nginx Helper Cross-Site Scripting (1.8.9)

Drupal Core 4.5.x Cross-Site Scripting (4.5.0 - 4.5.1)

CakePHP Deserialization of Untrusted Data Vulnerability (CVE-2019-11458)

Magento CVE-2019-8123 Vulnerability (CVE-2019-8123)

WordPress Plugin DM Albums File Dislosure (1.9.2)

Severity

Medium

Classification

CVE-2012-5494 CWE-707

Tags

Missing Update Known Vulnerabilities