PeTeReport is an open source application vulnerability reporting tool. PeTeReport has a cross-site scripting vulnerability that stems from the softwareβs lack of filtering and escaping of user data, which could be exploited by an attacker to inject persistent JavaScript code through an authenticated administrator user, while adding attack trees by modifying svg file parameters.