Description

Cross-site scripting (XSS) vulnerability in widget_traversal.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2012-5504

Related Vulnerabilities

WordPress Plugin Zendesk Help Center by BestWebSoft Cross-Site Scripting (1.0.4)

Oracle JRE CVE-2012-3143 Vulnerability (CVE-2012-3143)

Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-13674)

TYPO3 Improper Neutralization of HTTP Headers for Scripting Syntax Vulnerability (CVE-2021-41114)

WordPress Plugin Donation Forms by Charitable-Donations & Fundraising Platform for WordPress Cross-Site Scripting (1.7.0.10)

Severity

Medium

Classification

CVE-2012-5504 CWE-707

Tags

Missing Update Known Vulnerabilities