CVE-2020-23234

Cross Site Scripting (XSS) vulnerabiity exists in LavaLite CMS 5.8.0 via the Menu Blocks feature, which can be bypassed by using HTML event handlers, such as "ontoggle,". > MITRE Terms of Use apply – see LICENSE‑MITRE.txt