Contentful through 2020-05-21 for Python allows reflected XSS, as demonstrated by the api parameter to the-example-app.py.
Published May 21, 2020.
Contentful Python Example
