Zope: >> Zope >> 2.11.0c1 Security Vulnerabilities
ZServer in Zope 2.10.x before 2.10.12 and 2.11.x before 2.11.7 allows remote attackers to cause a denial of service (crash of worker threads) via vectors that trigger uncaught exceptions.
CVSS Score
4.3
EPSS Score
0.009
Published
2010-09-08
Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3 allows remote attackers to inject arbitrary web script or HTML via vectors related to error messages.
CVSS Score
4.3
EPSS Score
0.004
Published
2010-03-25