Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cross-Frame Scripting (XFS) on Plone CMS
Vulnerability Description
A Cross-Frame Scripting vulnerability has been found on Plone CMS affecting verssion below 6.0.5. An attacker could store a malicious URL to be opened by an administrator and execute a malicios iframe element.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
不当限制渲染UI层或帧
Vulnerability Title
Plone 安全漏洞
Vulnerability Description
Plone是一套基于Zope应用服务器构建的开源内容管理系统(CMS)。 Plone CMS 6.0.5之前版本存在安全漏洞,该漏洞源于存在跨框架脚本漏洞,攻击者可以存储由管理员打开的恶意URL并执行恶意iframe元素。
CVSS Information
N/A
Vulnerability Type
N/A