Description
An XSS issue in the title field in Plone 5.0 through 5.2.1 allows users with a certain privilege level to insert JavaScript that will be executed when other users access the site.
Remediation
References
Related Vulnerabilities
WordPress Plugin N-Media Post Front-end Form Arbitrary File Upload (1.0)
Oracle Application Server CVE-2007-5518 Vulnerability (CVE-2007-5518)
WordPress Plugin Relocate Upload 'abspath' Parameter Remote File Include (0.14)
Magento Improper Privilege Management Vulnerability (CVE-2020-9630)
Oracle Application Server CVE-2009-1009 Vulnerability (CVE-2009-1009)