Loading
Plone through 5.2.4 allows XSS via a full name that is mishandled during rendering of the ownership tab of a content item.
Use CWE-79, Plone vendor hub and Plone product page to widen CVE-2021-33508 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2021-33509, CVE-2021-33926 and CVE-2024-22889 for nearby disclosures in the same product family.