CiviEvent included a vector for reflected cross-site-scripting (XSS) attacks.
Cross Site Scripting
CiviCRM version 5.56.1 (and earlier), 5.51.3 (and earlier)
CiviCRM version 5.57.0, 5.56.2, 5.51.4 (ESR)
Upgrade to the latest version of CiviCRM
John Kingsnorth, Seamus Lee, Rich Lott, and Tim Otten