feindura 2.0.7 allows XSS via the tags field of a new page created at index.php?category=0&page=new.