A cross-site scripting (XSS) vulnerability in META-INF Kft. Email This Issue (Data Center) before 9.13.0-GA allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the recipient field of an e-mail message.
https://tracker.bugcrowd.com/metainfkft/submissions/51e58658-220e-4614-b605-c8d662b5c426