CVE-2022-40288

CVE-2022-40288

The application was vulnerable to an authenticated Stored Cross-Site Scripting (XSS) in the user profile data fields, which could be leveraged to escalate privileges within and compromise any account that views their user profile.

Source: CVE-2022-40288