A stored cross-site scripting (XSS) vulnerability in GilaCMS v1.11.4 allows malicious users to execute arbitrary web scripts or HTML via a crafted SVG file.
gilacms gila cms 1.11.4