Stored Cross-site Scripting (XSS)
andreapollastri/cipi is vulnerable to stored cross-site scripting. The vulnerability exists in /api/servers name field when adding a new server on the server panel, as it doesn't properly filter the parameters which allows an attacker to inject and execute arbitrary javascript...