CtrlPanel · CVE-2025-25203
**Name of the Vulnerable Software and Affected Versions**
CtrlPanel versions prior to 1.0
**Description**
A Cross-Site Scripting (XSS) issue exists due to insufficient input validation on the `priority` field during ticket creation and unsafe rendering of this field in the moderator panel, specifically in the `TicketsController` and `Moderation/TicketsController`.
**Recommendations**
For versions prior to 1.0, update to version 1.0 to resolve the issue. As a temporary workaround, consider restricting access to the `TicketsController` and `Moderation/TicketsController` to minimize the risk of exploitation. Additionally, avoid using the `priority` field in the affected ticket creation process until the issue is resolved.
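The description names two gaps: the `priority` value is not validated when a ticket is created, and it is rendered unsafely in the moderator panel. The following is an added example in plain PHP, not CtrlPanel's own code. It shows an allow-list check on input, HTML encoding on output, and an audit pass for values that were stored before the fix. The allow-list values, function names and sample rows are assumptions constructed for illustration.

```php
<?php
declare(strict_types=1);

// Assumed allow-list: the advisory does not enumerate the valid priorities.
const ALLOWED_PRIORITIES = ['Low', 'Medium', 'High'];

/** Input side: accept the field only if it is exactly one of the allowed values. */
function validatePriority(mixed $value): string
{
    if (!is_string($value) || !in_array($value, ALLOWED_PRIORITIES, true)) {
        throw new InvalidArgumentException('priority is not an allowed value');
    }
    return $value;
}

/** Output side: encode for an HTML text context, whatever the stored value is. */
function renderPriorityCell(string $stored): string
{
    return '<td>' . htmlspecialchars($stored, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</td>';
}

/** Audit: ids of already-stored tickets whose priority is off the allow-list. */
function findSuspectTickets(array $rows): array
{
    $bad = array_filter($rows, fn(array $r): bool => !in_array($r['priority'], ALLOWED_PRIORITIES, true));
    return array_values(array_column($bad, 'id'));
}

// Constructed sample rows (hypothetical ticket records, not real data).
$rows = [
    ['id' => 1, 'priority' => 'High'],
    ['id' => 2, 'priority' => '<b>markup</b>'],
    ['id' => 3, 'priority' => 'Low'],
];

foreach ($rows as $row) {
    try {
        validatePriority($row['priority']);
        $verdict = 'accepted';
    } catch (InvalidArgumentException $e) {
        $verdict = 'rejected';
    }
    echo $row['id'], ' ', $verdict, ' ', renderPriorityCell($row['priority']), PHP_EOL;
}
echo 'suspect ticket ids: ', implode(',', findSuspectTickets($rows)), PHP_EOL;
```

The audit step matters after upgrading: values written to the database before the fix are still there, so rows that fail the allow-list should be reviewed and cleaned.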