2017-11-27 10:00:00
mitre
PUBLISHED
b3log Symphony (aka Sym) 2.2.0 allows an XSS attack by sending a private letter with a certain /article URI, and a second private letter with a modified title.