Cross-site scripting (XSS) vulnerability in PortalTransforms in Plone 2.1 up to and including 3.3.4 before hotfix 20100612 allows remote malicious users to inject arbitrary web script or HTML via the safe_html transform.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
plone plone 2.1 |
||
plone plone 2.5 |
||
plone plone 2.5.2 |
||
plone plone 3.0.3 |
||
plone plone 3.0.5 |
||
plone plone 3.1.5.1 |
||
plone plone 3.1.7 |
||
plone plone 3.3 |
||
plone plone 3.3.2 |
||
plone plone 2.1.1 |
||
plone plone 2.1.2 |
||
plone plone 2.1.3 |
||
plone plone 2.1.4 |
||
plone plone 3.0.6 |
||
plone plone 3.1 |
||
plone plone 3.1.1 |
||
plone plone 3.1.2 |
||
plone plone 3.1.3 |
||
plone plone 3.3.4 |
||
plone plone 3.3.5 |
||
plone plone 2.5.4 |
||
plone plone 2.5.5 |
||
plone plone 3.0 |
||
plone plone 3.0.1 |
||
plone plone 3.2 |
||
plone plone 3.2.1 |
||
plone plone 3.2.2 |
||
plone plone 3.2.3 |
||
plone plone 2.5.1 |
||
plone plone 2.5.3 |
||
plone plone 3.0.2 |
||
plone plone 3.0.4 |
||
plone plone 3.1.4 |
||
plone plone 3.1.6 |
||
plone plone 3.3.1 |
||
plone plone 3.3.3 |