Description
Cross-site scripting (XSS) vulnerability in the URL checking infrastructure in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
Remediation
References
Related Vulnerabilities
WordPress Plugin Insert or Embed Articulate Content into WordPress Security Bypass (4.2996)
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-18033)
WordPress Plugin Permalink Manager Lite Cross-Site Request Forgery (2.2.19.2)
WordPress Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2022-3590)
WordPress Plugin WordPress for Google Maps-WP MAPS Cross-Site Request Forgery (4.0.9)