OX App Suite 7.10.4 and earlier allows XSS via crafted content to reach an undocumented feature, such as 