wallabag/wallabag is vulnerable to Stored Cross-site Scripting (XSS). The vulnerability exists in share.html.twig
due to lack of validations on HTML elements, which allows an attacker to inject and execute malicious JavaScript though the name field.