Jspxcms is a scalable enterprise-class open source web content management system (CMS). Jspxcms version 10.2.0 cross-site scripting vulnerability , the vulnerability stems from the lack of effective user-supplied data filtering and escaping component Survey Label Handler , an attacker can exploit the vulnerability by injecting a well-designed payload to execute arbitrary Web script or HTML.