QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2011-1949

Back to search

CVE-2011-1949

Published: Jun 6, 2011

Modified: Aug 6, 2024

PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in the safe_html filter in Products.PortalTransforms in Plone 2.1 through 4.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2010-2422.

VendorProductVersions

n/a

n/a

affected
n/a

References

72728
vdb-entry
x_refsource_OSVDB
44775
third-party-advisory
x_refsource_SECUNIA
48005
vdb-entry
x_refsource_BID
44776
third-party-advisory
x_refsource_SECUNIA
8269
third-party-advisory
x_refsource_SREASON
plone-portalportal-xss(67694)
vdb-entry
x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now