Description
Zope Products.CMFCore before 2.5.1 and Products.PluggableAuthService before 2.6.2, as used in Plone through 5.2.4 and other products, allow Reflected XSS.
Remediation
References
Related Vulnerabilities
WordPress Plugin Get Recent Comments Cross-Site Scripting (2.0.6)
WordPress Plugin Row Seats Core Unspecified Vulnerability (2.66)
WordPress Plugin Advanced Custom Fields (ACF) Cross-Site Scripting (6.1.5)
WordPress Plugin WP Human Resource Management Security Bypass (2.2.14)
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Open Redirect (4.4.1)