Information from NEUMANN CORPORATION

There was a part of the functionality that could be a target for XSS attacks. In the feature that allows users to comment to administrators, if a malicious user wrote scripts in tag format, there was a possibility that the administrator could unintentionally execute them.

This issue has now been fixed, and comments written in tag format are no longer recognized as scripts. They are displayed as plain text on the administrator side.