Cross-site Scripting (XSS)

github.com/knadh/listmonk is vulnerable to cross-site scripting XSS. The library does not sanitize HTML strings before passing to toasts function, allowing a malicious user to inject and execute malicious javascript...