microweber/microweber is vulnerable to cross-site scripting. The vulnerability exists in admin page due to the lack of input sanitization in the create_media_dir
function in the MediaManager.php
file allowing an attacker to inject and execute malicious javascript.