PHP-Textile has persistent XSS vulnerability in image link handling
The attacker can perform any operation in the application with user’s privileges or remotely control user’s browser with automated tools.
Advisories for Composer/Netcarver/Textile package
2025