Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in froxlor/froxlor before 2.0.10.
froxlor froxlor