Oval Definition:oval:com.ubuntu.disco:def:201671470000000
Revision Date:2017-02-04Version:1
Title:CVE-2016-7147 on Ubuntu 19.04 (disco) - medium.
Description:Cross-site scripting (XSS) vulnerability in the manage_findResult component in the search feature in Zope ZMI in Plone before 4.3.12 and 5.x before 5.0.7 allows remote attackers to inject arbitrary web script or HTML via vectors involving double quotes, as demonstrated by the obj_ids:tokens parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-7140.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2016-7147
Platform(s):Ubuntu 19.04
Product(s):
Definition Synopsis
  • Ubuntu 19.04 (disco) is installed.
  • AND zope2.13 package in disco is affected and needs fixing.
    • BACK