Cross-site scripting vulnerability in Pleasanter 1.3.38.1 and previous versions allows a remote authenticated malicious user to inject an arbitrary script.
pleasanter pleasanter