Cross-site scripting (XSS) vulnerability in core/admin/modules/developer/modules/views/add.php in BigTree CMS 4.0 RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via the module parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.033
EPSS Ranking 87.0%