A sandbox bypass vulnerability was found in some of Plone's templates that used str.format: http://www.openwall.com/lists/oss-security/2017/01/17/16
External References: https://plone.org/security/hotfix/20170117/sandbox-escape
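Why str.format is hazardous in restricted template code: replacement fields can walk attributes and items of their arguments, and that lookup happens outside any sandbox guard. The following is an added example, not Plone's hotfix code; `Doc`, `safe_format` and `traversing_fields` are hypothetical names and the sample object is constructed.

```python
import string


class Doc:
    """Constructed sample object standing in for content a template can see."""
    title = "Public title"
    _secret = "constructed-secret"


class RestrictedFormatter(string.Formatter):
    """Formatter that allows only plain positional/keyword fields."""

    def get_field(self, field_name, args, kwargs):
        # "0.attr" and "0[key]" make the formatter call getattr/getitem on
        # the argument directly; refuse them instead of resolving them.
        # Nested fields inside a format spec also pass through here.
        if "." in field_name or "[" in field_name:
            raise ValueError("attribute/item access not allowed: %r" % field_name)
        return super().get_field(field_name, args, kwargs)


def safe_format(template, *args, **kwargs):
    """Format template while rejecting attribute and item traversal."""
    return RestrictedFormatter().format(template, *args, **kwargs)


def traversing_fields(template):
    """List fields in template that traverse attributes or items (audit aid)."""
    found = []
    for _, field, spec, _ in string.Formatter().parse(template):
        if field and ("." in field or "[" in field):
            found.append(field)
        if spec:  # format specs may contain nested replacement fields
            found.extend(traversing_fields(spec))
    return found


if __name__ == "__main__":
    doc = Doc()
    # Plain str.format resolves the underscore attribute with no check.
    print("{0._secret}".format(doc))
    print(traversing_fields("{0.title} {1[key]} {2:{3.width}}"))
    try:
        safe_format("{0._secret}", doc)
    except ValueError as exc:
        print("blocked:", exc)
```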