Description
Cross-site scripting (XSS) vulnerability in an unspecified page template in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin A. Gallery TimThumb Arbitrary File Upload (0.9rev378511)
WordPress Plugin Google XML Sitemaps Cross-Site Scripting (4.0.9)
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5651)
WordPress Plugin Appointment Booking Calendar Multiple Vulnerabilities (1.1.7)