In Plone 5.0 up to and including 5.2.4, Editors are vulnerable to XSS in the folder contents view, if a Contributor has created a folder with a SCRIPT tag in the description field.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
plone plone |