CVE-2024-25873

Enhavo v0.13.1 was discovered to contain an HTML injection vulnerability in the Author text field under the Blockquote module. This vulnerability allows attackers to execute arbitrary code via a crafted payload. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt