Posted by Curesec Research Team (CRT) on Feb 16

Security Advisory – Curesec Research Team

1. Introduction

Affected Product: Plone 5.0.5
Fixed in: Hotfix 20170117
Fixed Version Link: https://plone.org/security/hotfix/20170117
Vendor Contact: security () plone org
Vulnerability Type: XSS
Remote Exploitable: Yes
Reported to vendor: 09/05/2016
Disclosed to public: 01/26/2017
Release mode: Coordinated Release
CVE: CVE-2016-7147
Credits…