An issue was discovered in Mega HOPEX 15.2.0.6110 before V5CP2. The application is prone to reflected Cross-site Scripting (XSS) in several features.
https://www.mega.com/en/hopex-platform
https://excellium-services.com/cert-xlm-advisory/CVE-2022-38481