Upstream information
Description
Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3, 3.1.1 through 3.4.1. allows remote attackers to inject arbitrary web script or HTML via vectors related to the way error messages perform sanitization. NOTE: this issue exists because of an incomplete fix for CVE-2010-1104SUSE information
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having moderate severity.
SUSE Bugzilla entry: 743061 [RESOLVED / FIXED] No SUSE Security Announcements cross referenced.SUSE Timeline for this CVE
CVE page created: Tue Jul 9 19:22:50 2013CVE page last modified: Fri Oct 7 12:46:10 2022