kittoframework kitto version 0.5.1 is vulnerable to an XSS in the 404 page resulting in information disclosure