An XSS issue in wiki and discussion pages in Seafile 9.0.6 allows malicious users to inject JavaScript into the Markdown editor.
seafile seafile 9.0.6