MEDIUM 5.4
PYSEC-2021-889
Details
A stored cross-site scripting (XSS) vulnerability in Plone CMS 5.2.3 exists in site-controlpanel via the "form.widgets.site_title" parameter.
Are you affected?
Enter the version of the package you're using.
Affected packages
PyPI / plone
Introduced in:
0 No fixed version published yet for plone (pip). Pin to a known-safe version or switch to an alternative.