| Added |
CPE Configuration |
|
OR
*cpe:2.3:a:plone:plone:*:*:*:*:*:*:*:* versions from (including) 3.3.0 up to (including) 3.3.6
*cpe:2.3:a:plone:plone:*:*:*:*:*:*:*:* versions from (including) 4.0.0 up to (including) 4.0.9
*cpe:2.3:a:plone:plone:*:*:*:*:*:*:*:* versions from (including) 4.1.0 up to (including) 4.1.6
*cpe:2.3:a:plone:plone:*:*:*:*:*:*:*:* versions from (including) 4.2.0 up to (including) 4.2.7
*cpe:2.3:a:plone:plone:*:*:*:*:*:*:*:* versions from (including) 4.3.0 up to (including) 4.3.2
|
| Added |
CVSS V2 |
|
NIST (AV:N/AC:M/Au:N/C:N/I:P/A:N)
|
| Added |
CVSS V2 Metadata |
|
Victim must voluntarily interact with attack mechanism
|
| Added |
CVSS V3.1 |
|
NIST AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
|
| Added |
CWE |
|
NIST CWE-79
|
| Changed |
Reference Type |
http://seclists.org/oss-sec/2013/q4/467 No Types Assigned
|
http://seclists.org/oss-sec/2013/q4/467 Mailing List, Third Party Advisory
|
| Changed |
Reference Type |
http://seclists.org/oss-sec/2013/q4/485 No Types Assigned
|
http://seclists.org/oss-sec/2013/q4/485 Mailing List, Third Party Advisory
|
| Changed |
Reference Type |
https://exchange.xforce.ibmcloud.com/vulnerabilities/89623 No Types Assigned
|
https://exchange.xforce.ibmcloud.com/vulnerabilities/89623 Third Party Advisory, VDB Entry
|
| Changed |
Reference Type |
https://exchange.xforce.ibmcloud.com/vulnerabilities/89627 No Types Assigned
|
https://exchange.xforce.ibmcloud.com/vulnerabilities/89627 Third Party Advisory, VDB Entry
|
| Changed |
Reference Type |
https://plone.org/security/20131210/zope-xss-in-OFS No Types Assigned
|
https://plone.org/security/20131210/zope-xss-in-OFS Vendor Advisory
|
| Changed |
Reference Type |
https://plone.org/security/20131210/zope-xss-in-browseridmanager No Types Assigned
|
https://plone.org/security/20131210/zope-xss-in-browseridmanager Vendor Advisory
|
) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
