Cotonti Siena 0.9.20 allows admins to conduct stored XSS attacks via a direct message (DM).
cotonti cotonti siena 0.9.20