CVE-2010-1104

EPSS 0.52%

Moderate severity vulnerability that affects Zope2

發布日:2018/7/23修改日:2024/12/2

描述

Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3 allows remote attackers to inject arbitrary web script or HTML via vectors related to error messages.

受影響套件(1)

PyPI/zope2>= 2.8.0, < 2.8.12

參考連結(8)

ADVISORYhttps://github.com/advisories/GHSA-v7q8-wvvh-c97p
ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2010-1104
WEBhttp://secunia.com/advisories/38007
WEBhttps://exchange.xforce.ibmcloud.com/vulnerabilities/55599
WEBhttps://mail.zope.org/pipermail/zope-announce/2010-January/002229.html
WEBhttp://www.osvdb.org/61655
WEBhttp://www.securityfocus.com/bid/37765
WEBhttp://www.vupen.com/english/advisories/2010/0104