CiviEvent included multiple screens with a vulnerability to cross-site scripting (XSS).
CiviCRM version 5.64.3 and earlier
CiviCRM version 5.64.4, 5.65.0 and 5.63.4 (ESR)
Upgrade to the fixed version of CiviCRM
Ranjit Pahan
Bradley Taylor of Bright minded
Coleman Watts of CiviCRM
Seamus Lee of JMA Consulting/CiviCRM
security/core#114
huntr.dev: 4283af1b-f2b9-4f2c-b87c-9d6ea40056ef