| The Vigil@nce team watches vulnerabilities impacting your computers, and then offers solutions, a database and tools to correct them. |
|
 |
|
|
|
vulnerability CVE-2011-4924
Zope 2: Cross Site Scripting via standard_error_message
Synthesis of the vulnerability
| An attacker can generate a Cross Site Scripting in the error template of Zope version 2. |
Severity: 2/4.
Creation date: 19/01/2012.
|
Impacted products
Description of the vulnerability
The bulletin VIGILANCE-VUL-9343 describes a Cross Site Scripting in the error template of Zope version 2.
However, an attack variant was not corrected.
An attacker can therefore generate a Cross Site Scripting in the error template of Zope version 2. |
Share this bulletin
Complete Vigil@nce bulletin
Characteristics
Title: Zope 2: Cross Site Scripting via standard_error_message.
Keywords: Cross Scripting Site Zope standard_error_message.
Identifiers: CVE-2010-1104-ERROR, CVE-2011-4924, VIGILANCE-VUL-11305.
|
Information sources
Solutions for this vulnerability
Computer vulnerabilities tracking service
Vigil@nce provides a computer vulnerability bulletin. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system. The technology watch team tracks security threats targeting the computer system.
|
