Description
Cross-site scripting (XSS) vulnerability in kssdevel.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Remediation
References
Related Vulnerabilities
ownCloud Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-28644)
WordPress Plugin myghpay WooCommerce Payment Gateway Cross-Site Scripting (3.0)
WordPress Plugin Advanced Custom Fields (ACF) Security Bypass (5.9.9)
Drupal Core 9.0.x Multiple Security Bypass Vulnerabilities (9.0.0 - 9.0.14)
WordPress Plugin File Groups 'fgid' Parameter SQL Injection (1.1.2)