OpenCRX version 5.2.0 is vulnerable to HTML injection via the Accounts Group Name Field.
opencrx opencrx 5.2.0