Description
Cross-site scripting (XSS) vulnerability in the safe_html filter in Products.PortalTransforms in Plone 2.1 through 4.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2010-2422.
Remediation
References
Related Vulnerabilities
WordPress Plugin Advanced AJAX Product Filters Security Bypass (1.3.6.1)
WordPress Plugin AccessPress Anonymous Post Pro Arbitrary File Upload (3.1.9)
WordPress Plugin HAL Cross-Site Scripting (2.1.1)
WordPress 5.3.x Multiple Vulnerabilities (5.3 - 5.3.13)
WordPress Plugin Post Custom Templates Lite Cross-Site Scripting (1.6)