Jmpotato

**Name of the Vulnerable Software and Affected Versions** JmPotato Pomash (affected versions not specified) **Description** A problematic vulnerability was found in JmPotato Pomash, affecting an unknown part of the file Pomash/theme/clean/templates/editor.html. The manipulation of the `article.title`, `content.title`, or `article.tag` arguments leads to cross-site scripting. It is possible to initiate the attack remotely. **Recommendations** To fix this issue, it is recommended to apply a patch with the name be1914ef0a6808e00f51618b2de92496a3604415. As a temporary workaround, consider restricting the manipulation of the `article.title`, `content.title`, and `article.tag` arguments to minimize the risk of exploitation.