Reflexive XSS

Crafted URL allows a passed full response body (or a redirect target) to be returned by accidental exposure of internal methods of the response file handle on a URL.

This is a reflexive XSS vulnerability. It is non-persistent and some browsers protect against this type of attack, but it can return full HTML.


Information for security researchers

CVE Identifier: CVE-2012-5490
Impact Subscore: 2.9
Exploitability Subscore: 8.6
Overall CVSS Score: 3.4
Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N/E:P/RL:O/RC:C)
Credit: Richard Mitchell (Plone security team)