
Mattgriffin4281

#43429 of 53,632
6.1 Total CVSS
Vulnerabilities · 1
PT-2026-45867
6.1
2026-06-02
Opencti · Opencti · CVE-2026-35212
**Name of the Vulnerable Software and Affected Versions**
OpenCTI versions prior to 7.260227.0

**Description**
An issue exists in the rendering of email-message observable body data where the content of the `body` field is not appropriately sanitized. This allows for Cross-Site Scripting (XSS), a technique where malicious scripts are injected into trusted websites. The flaw requires user interaction and can be exploited by individuals sharing STIX data or through any ingester, potentially leading to Cross-Site Request Forgery (CSRF) and large-scale session theft.

**Recommendations**
Update to version 7.260227.0.