Stored cross-site scripting vulnerability in Theme switching function of SHIRASAGI v1.16.2 and earlier versions allows a remote attacker with an administrative privilege to inject an arbitrary script.Referenceshttps://www.ss-proj.org/https://github.com/shirasagi/shirasagihttps://www.ss-proj.org/support/938.htmlhttps://jvn.jp/en/jp/JVN18765463/
