Description
Cross-site scripting (XSS) vulnerability in the URL checking infrastructure in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
Remediation
References
Related Vulnerabilities
Ampache Deserialization of Untrusted Data Vulnerability (CVE-2017-18375)
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-1432)
WordPress Plugin Smush Image Compression and Optimization Directory Traversal (2.7.5)
Sqlite Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-6607)