Vulnerabilty found in HTMLy v2.8.1 by "HAXSS" a Reinforcement Learning Agent for Cross Site Scripting (XSS) testing.
1. Log into the admin pannel ('/login').
2. Use the dashboard to navigate to the config page ('/admin/config')
3. Edit the "Description" field on the page to a malicious payload
4. Save the settings
5. Navigate to the home page '/' and the vulnerability is shown