Intrusion Prevention

Plone.Login.Form.XSS

Description

This indicates an attack attempt against a Cross-Site Scripting (XSS) vulnerability in Plone.
The vulnerability is due to Plone failing to properly sanitize the "came_from" parameter value that is passed to the login form. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application.

Affected Products

Plone versions before 4.3.16 and 5.0.10

Impact

System Compromise : Remote attackers can execute arbitrary script code within the context of the target user's browser

Recommended Actions

Upgrade to the latest version, available from the website.
https://plone.org/security/hotfix/20171128