Cross-site scripting (XSS) vulnerability in PluXml 5.1.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to file update.
https://exchange.xforce.ibmcloud.com/vulnerabilities/75331
http://www.securityfocus.com/bid/53367
http://www.pluxml.org/article59/sortie-de-pluxml-5-1-6