CVE-2022-26565
Totaljs XSS (CVE-2022-26565): all versions prior to commit 95f54a5commit are vulnerable. An attacker can inject a crafted payload into the Page Name text field during page creation to execute arbitrary web scripts or HTML. The vulnerability is due to unsanitized input in the Page Name field, enab...