Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
[CVE-REQUEST] Plone XSS and permission errors
May 26 2011 02:06PM
matthew matthewwilkes name
As a member of the Plone security response team I hereby notify you that we have been made aware of three distinct security holes in Plone and are requesting CVE identifiers.
1. Reflected XSS attack
A crafted URL can display arbitrary HTML output
2. Persistent XSS attack
[ more ]
Copyright 2010, SecurityFocus