Knowage Suite before 7.4 is vulnerable to cross-site scripting (XSS). An attacker can inject arbitrary external script in '/knowagecockpitengine/api/1.0/pages/execute' via the 'SBI_HOST' parameter.Referenceshttps://github.com/piuppi/Proof-of-Concepts/blob/main/Engineering/XSSI-KnowageSuite.md
