Textpattern 4.8.7 is affected by a HTML injection vulnerability through “Content>Write>Body”.
textpattern textpattern 4.8.7