Cross-Site Scripting (XSS)
craftcms/cms is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to a lack of user-input sanitization in Craft parameter of Asset.php which allows an attacker to inject and execute arbitrary JavaScript into the browser...