Plone Multiple Security Vulnerabilities

Plone is prone to multiple security vulnerabilities, including a security-bypass issue, a cross-site scripting issue and HTML-injection issue.

Attackers can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site or to perform restricted actions. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user.


 

Privacy Statement
Copyright 2010, SecurityFocus