Loading
Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3 allows remote attackers to inject arbitrary web script or HTML via vectors related to error messages.
Use CWE-79, Zope vendor hub and Zope product page to widen CVE-2010-1104 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2021-32674, CVE-2021-32811 and CVE-2023-41050 for nearby disclosures in the same product family.