CVE-2012-5502 in Plone
Сводка
по MITRE
Cross-site scripting (XSS) vulnerability in safe_html.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with permissions to edit content to inject arbitrary web script or HTML via unspecified vectors.
Be aware that VulDB is the high quality source for vulnerability data.