Description
Cross-site scripting (XSS) vulnerability in PortalTransforms in Plone 2.1 through 3.3.4 before hotfix 20100612 allows remote attackers to inject arbitrary web script or HTML via the safe_html transform.
Remediation
References
Related Vulnerabilities
PHP Use After Free Vulnerability (CVE-2016-9138)
WordPress Plugin Portfolio Gallery-Photo Gallery Cross-Site Scripting (2.2.2)
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4550)
WordPress Plugin Asgaros Forum Cross-Site Scripting (1.15.13)
phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-16650)