CVE-2012-5502

Published: Sep 30, 2014Modified: May 6, 2026

3.5

Vector

AV:N/AC:M/Au:S/C:N/I:P/A:N

Exploitability: 6.8 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in safe_html.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with permissions to edit content to inject arbitrary web script or HTML via unspecified vectors.

Affected (72)

Products: Plone: Plone

Plone

1 product

Plone

Configuration A

72 vulnerable

Vulnerable Software	Affected Versions
Plone Plone	Up to 4.2.2
Plone Plone	Version 1.0.1
Plone Plone	Version 1.0.2
Plone Plone	Version 1.0.3
Plone Plone	Version 1.0.4
Plone Plone	Version 1.0.5
Plone Plone	Version 1.0.6
Plone Plone	Version 1.0
Plone Plone	Version 2.0.1
Plone Plone	Version 2.0.2
Plone Plone	Version 2.0.3
Plone Plone	Version 2.0.4
Plone Plone	Version 2.0.5
Plone Plone	Version 2.0
Plone Plone	Version 2.1.1
Plone Plone	Version 2.1.2
Plone Plone	Version 2.1.3
Plone Plone	Version 2.1.4
Plone Plone	Version 2.1
Plone Plone	Version 2.5.1
Plone Plone	Version 2.5.2
Plone Plone	Version 2.5.3
Plone Plone	Version 2.5.4
Plone Plone	Version 2.5.5
Plone Plone	Version 2.5
Plone Plone	Version 3.0.1
Plone Plone	Version 3.0.2
Plone Plone	Version 3.0.3
Plone Plone	Version 3.0.4
Plone Plone	Version 3.0.5
Plone Plone	Version 3.0.6
Plone Plone	Version 3.0
Plone Plone	Version 3.1.1
Plone Plone	Version 3.1.2
Plone Plone	Version 3.1.3
Plone Plone	Version 3.1.4
Plone Plone	Version 3.1.5.1
Plone Plone	Version 3.1.6
Plone Plone	Version 3.1.7
Plone Plone	Version 3.1
Plone Plone	Version 3.2.1
Plone Plone	Version 3.2.2
Plone Plone	Version 3.2.3
Plone Plone	Version 3.2
Plone Plone	Version 3.3.1
Plone Plone	Version 3.3.2
Plone Plone	Version 3.3.3
Plone Plone	Version 3.3.4
Plone Plone	Version 3.3.5
Plone Plone	Version 3.3
Plone Plone	Version 4.0.1
Plone Plone	Version 4.0.2
Plone Plone	Version 4.0.3
Plone Plone	Version 4.0.4
Plone Plone	Version 4.0.5
Plone Plone	Version 4.0.6.1
Plone Plone	Version 4.0
Plone Plone	Version 4.1.4
Plone Plone	Version 4.1.5
Plone Plone	Version 4.1.6
Plone Plone	Version 4.1
Plone Plone	Version 4.2.0.1
Plone Plone	Version 4.2.1.1
Plone Plone	Version 4.2.1
Plone Plone	Version 4.2
Plone Plone	Version 4.2 a1
Plone Plone	Version 4.2 a2
Plone Plone	Version 4.2 b1
Plone Plone	Version 4.2 b2
Plone Plone	Version 4.2 rc1
Plone Plone	Version 4.2 rc2
Plone Plone	Version 4.3