In Cloudron 6.2, the returnTo parameter on the login page is vulnerable to Reflected XSS.
cloudron cloudron 6.2