Description

Cross-site scripting (XSS) vulnerability in kssdevel.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2012-5490

Related Vulnerabilities

WordPress Plugin 1 Flash Gallery Cross-Site Scripting and SQL Injection Vulnerabilities (0.2.5)

Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0005)

MediaWiki CVE-2022-28206 Vulnerability (CVE-2022-28206)

WebERP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-13292)

WordPress Plugin wpForo Forum SQL Injection (2.3.3)

Severity

Medium

Classification

CVE-2012-5490 CWE-707

Tags

Missing Update Known Vulnerabilities