Reflected XSS

Versions affected

  • 4.0.5
  • 4.0.4
  • 4.0.3
  • 4.0.2
  • 4.0.1
  • 4.0
  • 3.3.5
  • 3.3.4
  • 3.3.3
  • 3.3.2

Vulnerability

This is a reflected cross site scripting attack, that is, it is exploitable by special URLs that contain the malicious content.

Current status

Credits

Discovered by

Fixed by

  • Plone Security Team

Coordinated by

  • Plone Security Team