CVE-2022-31300
Haraj v3.7 has a cross-site scripting vulnerability in the DM Section component, enabling arbitrary scripts via a crafted POST request. The issue stems from insufficient data validation/filtering and output encoding in DM components, allowing attackers to inject and execute scripts (reported as a...