Summary: b3log Symphony (aka Sym) before 3.6.0 has XSS via the HTTP User-Agent header.Published: Thursday, October 10, 2019 - 17:15cvss: