Tino Kautschke identified an XSS vulnerability in the content management system Plone.