Plone · Plone · CVE-2021-35959
Name of the Vulnerable Software and Affected Versions:
Plone versions 5.0 through 5.2.4
Description:
The issue affects Editors in the folder contents view: a Contributor can create a folder whose `description` field contains a SCRIPT tag, and that description is rendered to Editors without being neutralised, leading to stored XSS.
Recommendations:
For Plone versions 5.0 through 5.2.4, consider disabling the folder contents view for Contributors until a patch is available. Restrict access to the `description` field to minimise the risk of exploitation.
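The advisory describes the classic stored-XSS shape: a low-privilege user writes markup into a text field, and a higher-privilege user's view renders that field without escaping it. The following is an added illustration, not Plone's own code and not a description of how Plone renders its folder contents view (Plone's real templates and the upstream fix are not reproduced here). It assumes a hypothetical folder listing built from plain dictionaries and shows the vulnerable interpolation beside the escaped form, plus a small audit helper a site administrator could adapt to scan existing descriptions for script tags. The sample folder records are constructed for the example.

```python
import html
import re

# Constructed sample data: two folder records, one of which carries a
# script tag in its description, mirroring the pattern in the advisory.
SAMPLE_FOLDERS = [
    {"id": "reports", "description": "Quarterly reports"},
    {"id": "suspect", "description": "Hello <SCRIPT>alert(1)</SCRIPT> world"},
]

# Case-insensitive match for the start of a script tag, tolerating
# whitespace after the angle bracket ("< script").
SCRIPT_TAG_RE = re.compile(r"<\s*script\b", re.IGNORECASE)


def render_row_unsafe(folder):
    """Vulnerable pattern (hypothetical): the untrusted description is
    interpolated straight into the table row, so any tag it contains is
    delivered to the viewer's browser as live markup."""
    return f"<td>{folder['id']}</td><td>{folder['description']}</td>"


def render_row_safe(folder):
    """Hardened pattern: every untrusted value is HTML-escaped before it is
    placed in markup, so '<' becomes '&lt;' and the tag is shown as text."""
    return (
        f"<td>{html.escape(folder['id'])}</td>"
        f"<td>{html.escape(folder['description'])}</td>"
    )


def contains_script_tag(text):
    """True if the text holds something that would parse as a script tag."""
    return SCRIPT_TAG_RE.search(text) is not None


def audit_descriptions(folders):
    """Return the ids of folders whose description contains a script tag.

    This is a content audit a defender can run over existing records to find
    items created before output escaping was in place; it is a detection aid,
    not a substitute for escaping at render time, since other tags and
    attributes can also carry script."""
    return [f["id"] for f in folders if contains_script_tag(f["description"])]


if __name__ == "__main__":
    for folder in SAMPLE_FOLDERS:
        print("unsafe:", render_row_unsafe(folder))
        print("safe:  ", render_row_safe(folder))
    print("flagged:", audit_descriptions(SAMPLE_FOLDERS))
```

The point of the two renderers side by side is that the fix belongs at the output boundary: escaping on render protects every viewer regardless of who wrote the field, whereas the audit only finds records that already match one pattern.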