Description
An open redirect on the login form (and possibly other places) in Plone 4.0 through 5.2.1 allows an attacker to craft a link to a Plone Site that, when followed, and possibly after login, will redirect to an attacker's site.
Remediation
References
Related Vulnerabilities
LimeSurvey Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-1000658)
Drupal Core 6.x Information Disclosure (6.0 - 6.30)
Apache HTTP Server Other Vulnerability (CVE-2001-0731)
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4360)
Zope Web Application Server Other Vulnerability (CVE-2000-1212)