Cross Site Scripting (XSS) vulnerability in DynPG 4.9.1, allows authenticated malicious users to execute arbitrary code via the groupname.
dynpg dynpg 4.9.1