Recently, I got many SPAM post with the site URL which is hosted by Plone. I have wandered it and find the description how and why to do it.
This is an old, old vulnerability that only exists in the Plone 2.0.x series.
It was fixed over a year ago, and the site in question is running a version of Plone that is between 18 and 24 months old as of August 2006.
Not much we can do about people that don't update their sites and stay current on security, unfortunately. If you try your JS redirection trick on any current Plone version (2.1, 2.5), you'll see that it doesn't work.
I want to request Mr.Administrator of plone site, please care your site rather than host spam redirect page and parasite SEO.
For example, I got some URL list posted as SPAM comment, such as Cleveland Area Python Interest Group, who is ordinal user group.
Followings are similar site which is hosted by plone;
