Froala · Froala · CVE-2026-24906
**Name of the Vulnerable Software and Affected Versions**
October versions prior to 3.7.14
October versions prior to 4.1.10
**Description**
A stored Cross-Site Scripting (XSS) issue exists in the Backend Editor Settings. The Markup Classes fields, which are used for paragraph, inline, and table styles, do not restrict input to valid CSS class name characters. This allows malicious values to be rendered unsanitized in Froala editor dropdown menus, leading to JavaScript execution when a user opens a RichEditor. This requires authenticated backend access with editor settings permissions and could result in privilege escalation if a superuser opens a RichEditor during routine content editing, such as editing a blog post.
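As an added example (not October CMS or Froala code), the allowlist check a defender would apply to the Markup Classes values before they are stored, plus HTML escaping of whatever is later rendered into the dropdown as defence in depth; the list separator, the `data-class` markup and the sample setting value are assumptions.

```javascript
// Conservative allowlist for one CSS class name: an ASCII subset of a CSS
// identifier (optional leading hyphen, then a letter or underscore, then
// letters, digits, hyphens or underscores). Anything else is rejected.
const CLASS_NAME_RE = /^-?[A-Za-z_][A-Za-z0-9_-]*$/;

function isValidClassName(name) {
  return typeof name === 'string' && CLASS_NAME_RE.test(name);
}

// Validate a settings value holding several class names. Splitting on
// commas and/or whitespace is an assumption about the settings format.
function validateClassList(raw) {
  const result = { valid: [], rejected: [] };
  for (const token of String(raw).split(/[\s,]+/)) {
    if (token === '') continue;
    (isValidClassName(token) ? result.valid : result.rejected).push(token);
  }
  return result;
}

// HTML-escape for text and double-quoted attribute contexts, so that even a
// value that slipped past validation cannot break out of the markup.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Build one dropdown entry. The markup is constructed for illustration and
// is not Froala's own dropdown template. Invalid names never reach the DOM.
function renderDropdownItem(className, label) {
  if (!isValidClassName(className)) {
    throw new Error(`invalid CSS class name rejected: ${JSON.stringify(className)}`);
  }
  return `<li data-class="${escapeHtml(className)}">${escapeHtml(label)}</li>`;
}

// Constructed sample setting: three legitimate names, one starting with a
// digit, and one containing markup characters that a class name may not hold.
const SAMPLE_SETTING = 'lead, highlight\nbtn-primary 1col <b>x</b>';

const checked = validateClassList(SAMPLE_SETTING);
console.log('accepted:', checked.valid);     // [ 'lead', 'highlight', 'btn-primary' ]
console.log('rejected:', checked.rejected);  // [ '1col', '<b>x</b>' ]
```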
**Recommendations**
Update to version 3.7.14 or newer.
Update to version 4.1.10 or newer.
Restrict editor settings permissions to fully trusted administrators only.