CVE-2019-25301

Name of the Vulnerable Software and Affected Versions Millhouse-Project version 1.414

Description A persistent cross-site scripting issue exists in the comment submission functionality. This allows attackers to inject malicious scripts by posting comments with embedded JavaScript through the 'add comment sql.php' endpoint using the content parameter, leading to the execution of arbitrary scripts in the browsers of users who view the comments.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.