Description

Cross-site scripting (XSS) vulnerability in the URL checking infrastructure in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

Remediation

References

CVE-2016-7138

Related Vulnerabilities

WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.18)

MySQL CVE-2022-21270 Vulnerability (CVE-2022-21270)

phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6625)

WordPress Plugin Redirection Multiple Cross-Site Scripting Vulnerabilities (2.2.11)

MySQL CVE-2016-0503 Vulnerability (CVE-2016-0503)

Severity

Medium

Classification

CVE-2016-7138 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities