SOPlanning 1.46.01 allows persistent XSS via the Project Name, Statutes Comment, Places Comment, or Resources Comment field.Referenceshttps://www.soplanning.orghttps://www.sevenlayers.com/index.php/364-soplanning-v1-46-01-xss-session-hijack
