studio/polyglot.php?page=etemplates in UNA 10.0.0-RC1 allows XSS via the System Name field under Emails during template editing.Referenceshttps://github.com/unaio/una/commits/master/studiohttps://pastebin.com/iMfs1BsMhttp://packetstormsecurity.com/files/154018/UNA-10.0.0-RC1-Cross-Site-Scripting.html
