Description
Cross-site scripting (XSS) vulnerability in the safe_html filter in Products.PortalTransforms in Plone 2.1 through 4.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2010-2422.
Remediation
References
Related Vulnerabilities
Drupal Improper Input Validation Vulnerability (CVE-2019-6342)
Oracle Database Server CVE-2010-0866 Vulnerability (CVE-2010-0866)
WordPress Plugin UpdraftPlus WordPress Backup Security Bypass (1.9.50)
Oracle Application Server Other Vulnerability (CVE-2002-0840)
WordPress Plugin MC4WP:Mailchimp for WordPress Cross-Site Request Forgery (4.8.4)