Cross-site scripting vulnerability in Post function of VK Blocks 1.53.0.1 and earlier and VK Blocks Pro 1.53.0.1 and earlier allows a remote authenticated attacker to inject an arbitrary script.
[
{
"vendor": "Vektor,Inc.",
"product": "VK Blocks and VK Blocks Pro",
"versions": [
{
"version": "VK Blocks 1.53.0.1 and earlier, and VK Blocks Pro 1.53.0.1 and earlier",
"status": "affected"
}
]
}
]