Description

Cross-site scripting (XSS) vulnerability in an unspecified page template in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

Remediation

References

CVE-2016-7139

Related Vulnerabilities

WordPress Plugin Google Sitemap by BestWebSoft Cross-Site Scripting (3.0.7)

WordPress Plugin YOP Poll Cross-Site Scripting (6.3.2)

Drupal Core 5.x Multiple Cross-Site Scripting Vulnerabilities (5.0 - 5.1)

WordPress Plugin DW Question & Answer Cross-Site Request Forgery (1.5.7)

Oracle JRE CVE-2019-2983 Vulnerability (CVE-2019-2983)

Severity

Medium

Classification

CVE-2016-7139 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities