Cross-Site Scripting (XSS)

collective.task is vulnerable to cross-site scripting. The vulnerability exists in the renderCell function of table.py due to missing escape columns which allows an attacker to inject and execute malicious JavaScript...