Description

Cross-site scripting (XSS) vulnerability in widget_traversal.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2012-5504

Related Vulnerabilities

XWikiplatform Missing Authorization Vulnerability (CVE-2024-31983)

WordPress Plugin Anti-Malware Security and Brute-Force Firewall Cross-Site Scripting (4.15.22)

WordPress Plugin FluentAuth-The Ultimate Authorization & Security for WordPress Security Bypass (1.0.1)

Oracle Database Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1675)

WordPress Plugin Salon Booking System Cross-Site Scripting (6.3)

Severity

Medium

Classification

CVE-2012-5504 CWE-707

Tags

Missing Update Known Vulnerabilities