Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
October CMS through 1.0.431 allows XSS by entering HTML on the Add Posts page.
Advisories for Composer/Rainlab/Blog-Plugin package
2022
October CMS through 1.0.431 allows XSS by entering HTML on the Add Posts page.