CVE-2021-29029
Bitweaver 3.1.0 is affected by a cross-site scripting (XSS) vulnerability that allows remote attackers to inject JavaScript through the /users/edit_personal_page.php URI. Root cause is unrelated input handling in that page, per multiple CVE references. Impact is variable depending on context but ...