Description
Plone through 5.2.4 allows XSS via a full name that is mishandled during rendering of the ownership tab of a content item.
Remediation
References
Related Vulnerabilities
WordPress Plugin WPS Bidouille Multiple Vulnerabilities (1.12.2)
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-0327)
WordPress Plugin Elementor Website Builder Arbitrary File Upload (3.18.1)
WordPress Plugin Contextual Related Posts Multiple Vulnerabilities (3.3.1)
Handlebars Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2026-33937)