craftcms/cms is vulnerable to Cross-site Scripting (XSS). The vulnerability exists due to improper validation of url parameters in label names or instruction of an entry type located in parameter.js
, which allows an attacker to inject and execute malicious JavaScript in the victims browser.