EPSS
Percentile
24.8%
croogo/croogo is vulnerable to cross-site scripting (XSS) attacks. The vulnerability exists as the value of title in Blocks/index.ctp is not sanitized, allowing XSS attacks.
title
Blocks/index.ctp
github.com/croogo/croogo/issues/887