Cross-site scripting (XSS) vulnerability in application/controllers/dropbox.php in JustWriting 1.0.0 and below allow remote attackers to inject arbitrary web script or HTML via the challenge parameter.Referenceshttps://github.com/hjue/JustWriting/issues/106https://github.com/hjue/JustWriting/
