Description
Zope Products.CMFCore before 2.5.1 and Products.PluggableAuthService before 2.6.2, as used in Plone through 5.2.4 and other products, allow Reflected XSS.
Remediation
References
Related Vulnerabilities
Python Improper Privilege Management Vulnerability (CVE-2020-29396)
WordPress Plugin IGIT Posts Slider Widget TimThumb Arbitrary File Upload (1.1)
PHP Improper Input Validation Vulnerability (CVE-2015-8879)
WordPress Plugin 404 to 301-Redirect, Log and Notify 404 Errors Cross-Site Scripting (2.3.1)
WordPress Plugin WordPress Backup and Migrate-Backup Guard Unspecified Vulnerability (1.0.6)