Yab Quarx through 2.4.3 is prone to multiple persistent cross-site scripting vulnerabilities: Blog (Title), FAQ (Question), Pages (Title), Widgets (Name), and Menus (Name).Referenceshttp://www.securityfocus.com/bid/103081https://github.com/YABhq/Quarx/issues/116
