COYO 9.0.8, 10.0.11 and 12.0.4 has cross-site scripting (XSS) via URLs used by "iFrame" widgets.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected