PT-2011-3491 · Plone+1 · Plone+1

Published

2011-06-06

Updated

2023-02-13

CVE-2011-1948

CVSS v4.0

5.3

Medium

Vector

AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

Name of the Vulnerable Software and Affected Versions Plone versions 4.1 and earlier

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

Recommendations For Plone versions 4.1 and earlier, update to a version later than 4.1 to resolve the issue.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

CVE-2011-1948

GHSA-P7H9-VF92-5FJ5

PYSEC-2011-14

RHSA-2012:0151

RHSA-2012_0151

Plone

Red Hat