Find real vulnerabilities before they ship
Vulnerability Database › packagist › CVE-2019-20789
Croogo before 3.0.7 allows XSS via the title to admin/menus/menus or admin/taxonomy/vocabularies.
Base Score