| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| plone | pip | < 4.2.3 | 4.2.3 |
| Plone | pip | >= 4.3a0, < 4.3b1 | 4.3b1 |

Multiple authoritative sources (CVE, GHSA, NVD, Plone changelog) explicitly link the vulnerability to widget_traversal.py. The CWE-79 classification confirms this is an XSS flaw, which typically occurs when user input isn't properly neutralized before output. While the exact function name isn't specified in available data, the file's role in widget traversal and the security patch context (PloneHotfix20121106) strongly implicate its traversal/rendering logic as the vulnerable component.