hopetree izone lts c011b48 contains a Cross Site Scripting (XSS) vulnerability in the article comment function. In \apps\comment\views.py, AddCommintView() does not securely filter user input and renders it directly to the frontend page through templates.
https://thehackernews.com/2024/08/new-flaws-in-sonos-smart-speakers-allow.html