Total.Js · Total.Js · CVE-2022-26565
**Name of the Vulnerable Software and Affected Versions**
Totaljs versions prior to commit 95f54a5
**Description**
A cross-site scripting issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the `Page Name` text field when creating a new page.
**Recommendations**
For versions prior to commit 95f54a5, update to a version that includes the fix for this issue.