[MEDIUM] Kimai 2 vulnerable to persistent cross-site scripting in the timesheet descriptions

PKSA-2hk7-7wzk-4rts CVE-2019-25317 GHSA-9278-6hcj-2p4j

Affected package: kimai/kimai

Affected version: <1.1

Reported by:
GitHub