You can enable the active content filter to prevent users from embedding malicious content in text input fields in Profiles. You can also use administrative commands to update or remove inappropriate information in fields to which you do not have owner access.
Filtering active content in ProfilesParent topic: Administering Profiles
Profiles provides a filter that prevents users from creating rich text descriptions with malicious scripts that are executed when other users visit Profiles. You can enable or disable this component.
Removing inappropriate content
Content management commands are used to update inappropriate information stored in the Profiles database, such as text displayed in the About Me
fields of the Profiles user interface. These administrative commands can also be used to delete inappropriate photos from the database. No file checkout or server restart is required when using the commands.