Jease CMS version 2.11 suffers from a malicious script insertion vulnerability.