PYSEC-2017-53

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/plone/PYSEC-2017-53.yaml

JSON Data

https://api.test.osv.dev/v1/vulns/PYSEC-2017-53

Aliases

CVE-2015-7316
GHSA-vf8g-m3vq-6p4p

Published

2017-09-25T17:29:00Z

Modified

2024-04-22T23:12:41.333471Z

Summary

[none]

Details

Cross-site scripting (XSS) vulnerability in Plone 3.3.0 through 3.3.6, 4.0.0 through 4.0.10, 4.1.0 through 4.1.6, 4.2.0 through 4.2.7, 4.3.x before 4.3.7, and 5.0rc1.

References

Affected packages

PyPI / plone

Package

Name: plone; View open source insights on deps.dev
Purl: pkg:pypi/plone

Affected ranges

Type: GIT
Repo: https://github.com/plone/Products.CMFPlone
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

3da710a2cd68587f0bf34f2e7ea1167d6eeee087

Type: ECOSYSTEM
Events: Introduced

3.3

Fixed

4.0a1

Introduced

4.0

Fixed

4.1a1

Introduced

4.1

Fixed

4.2a1

Introduced

4.2

Fixed

4.3a1

Introduced

4.3

Fixed

4.3.7

Introduced

5.0a1

Fixed

5.0rc2

Affected versions

3.*

3.3

3.3.1

3.3.2

3.3.3

3.3.4

3.3.5

3.3.6

4.*

4.0

4.0.1

4.0.2

4.0.3

4.0.4

4.0.5

4.0.6

4.0.7

4.0.8

4.0.9

4.0.10

4.1

4.1.1

4.1.2

4.1.3

4.1.4

4.1.5

4.1.6

4.2

4.2.1

4.2.2

4.2.3

4.2.4

4.2.5

4.2.6

4.2.7

4.3

4.3.1

4.3.2

4.3.3

4.3.4

4.3.5

4.3.6

5.*

5.0a1

5.0a2

5.0a3

5.0b1

5.0b2

5.0b3

5.0b4

5.0rc1

Database specific

source

"https://github.com/pypa/advisory-database/blob/main/vulns/plone/PYSEC-2017-53.yaml"