CVE-2022-27258

Multiple Cross-Site Scripting (XSS) vulnerabilities in Hubzilla 7.0.3 and earlier allows remote attacker to include arbitrary web script or HTML via the rpath parameter. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt