Cross-Site Scripting (XSS) Vulnerability in z3c.form in Plone CMS 5.x and 4.x

Cross-Site Scripting (XSS) Vulnerability in z3c.form in Plone CMS 5.x and 4.x

CVE-2016-7136 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

z3c.form in Plone CMS 5.x through 5.0.6 and 4.x through 4.3.11 allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted GET request.

Learn more about our Cms Pen Testing.