EPSS
Percentile
24.0%
TravianZ through 8.3.4 allows XSS via the Alliance tag/name, the statistics page, the link preferences, the Admin Logs, or the COOKUSR cookie.
bramdoessecurity.com/travianz-hacked/