The vulnerability allows remote attackers to inject own malicious script codes on the application-side of the affected service, module or function. The vulnerability is located in the `Basic > Reports` module in the `domain names`, `grid__data in grid_columns` and `x-grid3-cell-inner x-grid3-col-name` values. Remote attackers are able to inject own script code as domain name to execute the context in the show advanced options menu listing (+plus) with persistent attack vector.
Read the Security Advisory here – http://www.vulnerability-lab.com/get_content.php?id=1101