Nucleus CMS version 3.65 suffers from a persistent cross site scripting vulnerability.