CVE-2010-1104

CVE-2010-1104

EPSS 1.9%

Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3 allows remote attackers to inject arbitrary web script or HTML via vectors related to error messages.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://secunia.com/advisories/38007 https://exchange.xforce.ibmcloud.com/vulnerabilities/55599 https://mail.zope.org/pipermail/zope-announce/2010-January/002229.html http://www.osvdb.org/61655 http://www.securityfocus.com/bid/37765 http://www.vupen.com/english/advisories/2010/0104