CVE-2022-42001

Cross-site Scripting (XSS) vulnerability in BlueSpiceBookshelf extension of BlueSpice allows user with regular account and edit permissions to inject arbitrary HTML into the book navigation. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt