CVE-2008-4571 in Ploneالمعلومات

الملخص

بحسب MITRE

Cross-site scripting (XSS) vulnerability in the LiveSearch module in Plone before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via the Description field for search results, as demonstrated using the onerror Javascript even in an IMG tag.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

حجز

15/10/2008

إفشاء

15/10/2008

الاعتدال

تمت الموافقة

إدخال

VDB-44537

EPSS

0.01144

KEV

لا

النشاطات

منخفض جدًا

المصادر

Interested in the pricing of exploits?

See the underground prices here!