Description
z3c.form in Plone CMS 5.x through 5.0.6 and 4.x through 4.3.11 allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted GET request.
Remediation
References
Related Vulnerabilities
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.25)
PHP Improper Input Validation Vulnerability (CVE-2011-1470)
WordPress Plugin Gallery transformation SQL Injection (1.0)
WordPress Plugin Rencontre-Dating Site Security Bypass (1.6.9)
Oracle Database Server CVE-2006-0259 Vulnerability (CVE-2006-0259)