BEdita CMS version 3.5.1 suffers from a cross site scripting vulnerability.