Cross-site scripting vulnerability in Exment prior to v3.6.0 allows remote authenticated malicious users to inject arbitrary script or HTML via unspecified vectors.
exceedone exment