Name of the Vulnerable Software and Affected Versions No specific software or versions mentioned.

Description The issue concerns the notification module, which fails to properly escape HTML from the server, leading to potential XSS vulnerabilities. This could affect various entity names and labels, such as workspace titles or media titles. However, exploitation requires the attacker to be a logged-in user with specific rights.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.