Unknown · Pagekit CMS · CVE-2022-36573
**Name of the Vulnerable Software and Affected Versions**
Pagekit CMS version 1.0.18
**Description**
A cross-site scripting (XSS) issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Markdown text box under the "/blog/post/edit" API endpoint. The `Markdown text box` is the vulnerable parameter.
**Recommendations**
For Pagekit CMS version 1.0.18, consider disabling the Markdown text box under the "/blog/post/edit" API endpoint, or avoid using it, until a patch is available. Restrict access to this endpoint to minimize the risk of exploitation.