Lepton · Leptoncms · CVE-2020-12705
**Name of the Vulnerable Software and Affected Versions**
LeptonCMS versions prior to 4.6.0
**Description**
Multiple cross-site scripting (XSS) vulnerabilities exist in the software. XSS is a type of security vulnerability that allows an attacker to inject malicious scripts into a website, potentially leading to unauthorized access or control.
**Recommendations**
For versions prior to 4.6.0, update to version 4.6.0 or later to resolve the issue. As a temporary workaround, consider restricting user input to minimize the risk of exploitation. Avoid using potentially vulnerable features until the issue is resolved.