Former before 4.2.1 has XSS via a checkbox value.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected