XSS on notification from To-Do

Moderate

marcelfolaron published GHSA-f679-254h-qhvj

Feb 18, 2025

Package

Notifications.php

Affected versions

>3.2.1

Patched versions

3.3

Description

Summary

There is a cross-site scripting vulnerability on To-Do that affects a title field of a To-Do.