An issue was discovered in Eventum 3.5.0. htdocs/ajax/update.php has XSS via the field_name parameter.Referenceshttps://github.com/eventum/eventum/blob/master/CHANGELOG.mdhttps://github.com/eventum/eventum/releases/tag/v3.5.2
