Description
Cross-site scripting (XSS) vulnerability in safe_html.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with permissions to edit content to inject arbitrary web script or HTML via unspecified vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin Station Pro Cross-Site Scripting (2.2.1)
WordPress Plugin Easy Social Box/Page Cross-Site Scripting (4.1.2)
Plone CMS Other Vulnerability (CVE-2006-4249)
MySQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-5615)
Oracle Database Server CVE-2006-5341 Vulnerability (CVE-2006-5341)