Burden v3.0 was discovered to contain a stored cross-site scripting (XSS) in the Add Category function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the task parameter.
https://github.com/Nguyen-Trung-Kien/CVE/blob/main/CVE-2022-24589/CVE-2022-24589.pdf