Name of the Vulnerable Software and Affected Versions Neos (affected versions not specified)

Description The issue allows for several XSS attacks, enabling an attacker to interfere with page rendering, redirect users to a fake login page, or capture user credentials such as cookies. Additionally, an attacker could potentially gain access to the server, with the extent of access mainly limited by the server setup.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.