ChurchCRM Version 4.4.5 has XSS vulnerabilities that allow malicious users to store XSS via location input Deposit Comment.
churchcrm churchcrm 4.4.5