Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Collections or Taxonomies components. An attacker can execute arbitrary JavaScript in the context of a higher-privileged user's session by injecting malicious scripts into content fields, leading to...