GHSA-v7q8-wvvh-c97p
Suggest an improvement- Source
- https://github.com/advisories/GHSA-v7q8-wvvh-c97p
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/07/GHSA-v7q8-wvvh-c97p/GHSA-v7q8-wvvh-c97p.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-v7q8-wvvh-c97p
- Aliases
-
- CVE-2010-1104
- Published
- 2018-07-23T19:51:28Z
- Modified
- 2024-12-02T05:44:11.898200Z
- Summary
- Moderate severity vulnerability that affects Zope2
- Details
-
Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3 allows remote attackers to inject arbitrary web script or HTML via vectors related to error messages.
- Database specific
{ "nvd_published_at": null, "cwe_ids": [ "CWE-79" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2020-06-16T21:57:13Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2010-1104
- https://exchange.xforce.ibmcloud.com/vulnerabilities/55599
- https://github.com/advisories/GHSA-v7q8-wvvh-c97p
- https://mail.zope.org/pipermail/zope-announce/2010-January/002229.html
- http://secunia.com/advisories/38007
- http://www.osvdb.org/61655
- http://www.securityfocus.com/bid/37765
- http://www.vupen.com/english/advisories/2010/0104
Affected packages
PyPI / zope2
Package
- Name
- zope2
- View open source insights on deps.dev
- Purl
- pkg:pypi/zope2
PyPI / zope2
Package
- Name
- zope2
- View open source insights on deps.dev
- Purl
- pkg:pypi/zope2
PyPI / zope2
Package
- Name
- zope2
- View open source insights on deps.dev
- Purl
- pkg:pypi/zope2
PyPI / zope2
Package
- Name
- zope2
- View open source insights on deps.dev
- Purl
- pkg:pypi/zope2
PyPI / zope2
Package
- Name
- zope2
- View open source insights on deps.dev
- Purl
- pkg:pypi/zope2