PYSEC-2011-14
See a problem?- Import Source
- https://github.com/pypa/advisory-database/blob/main/vulns/plone/PYSEC-2011-14.yaml
- JSON Data
- https://api.osv.dev/v1/vulns/PYSEC-2011-14
- Aliases
-
- CVE-2011-1948
- GHSA-p7h9-vf92-5fj5
- Published
- 2011-06-06T19:55:00Z
- Modified
- 2023-11-08T03:56:59.580714Z
- Summary
- [none]
- Details
-
Cross-site scripting (XSS) vulnerability in Plone 4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
- References
-
- http://secunia.com/advisories/44776
- http://www.securityfocus.com/bid/48005
- http://secunia.com/advisories/44775
- http://plone.org/products/plone/security/advisories/CVE-2011-1948
- http://osvdb.org/72727
- http://securityreason.com/securityalert/8269
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67693
- http://www.securityfocus.com/archive/1/518155/100/0/threaded
Affected packages
PyPI / plone
Package
- Name
- plone
- View open source insights on deps.dev
- Purl
- pkg:pypi/plone
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.1.1
Affected versions
3.*
3.2a1
3.2rc1
3.2
3.2.1
3.2.2
3.2.3
3.3b1
3.3rc1
3.3rc2
3.3rc3
3.3rc4
3.3rc5
3.3
3.3.1
3.3.2
3.3.3
3.3.4
3.3.5
3.3.6
4.*
4.0a1
4.0a2
4.0a3
4.0a4
4.0a5
4.0b1
4.0b2
4.0b3
4.0b4
4.0b5
4.0rc1
4.0
4.0.1
4.0.2
4.0.3
4.0.4
4.0.5
4.0.6
4.0.7
4.0.8
4.0.9
4.0.10
4.1a1
4.1a2
4.1a3
4.1b1
4.1b2
4.1rc2
4.1rc3
4.1