Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the URL checking infrastructure in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Plone CMS 跨站脚本漏洞
Vulnerability Description
Plone CMS是美国Plone基金会的一套建立在应用服务器(Zope)上的免费且开源的内容管理系统(CMS)。该系统采用Python语言开发,适用于门户网站、企业内外网站、文档发布系统等。 Plone CMS中检查基础结构的URL存在跨站脚本漏洞。远程攻击者可借助特制的URL利用该漏洞注入任意的Web脚本或HTML。以下版本受到影响:Plone CMS 5.x版本至5.0.6版本,4.x版本至4.3.11版本,3.3.x版本至3.3.6版本。
CVSS Information
N/A
Vulnerability Type
N/A