Create-Project Manager 1.07 has Multi Persistent Cross-site Scripting and HTML injection in via Online chat, Social feed,Message(title-tag), Add new client (all-tags).
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23974
Reference (s):
- https://cxsecurity.com/issue/WLB-2020050071
- https://packetstormsecurity.com/files/157599/Create-Project-Manager-1.07-Cross-Site-Scripting-HTML-Injection.html