Microweber versions 1.2.17 and prior are vulnerable to cross-site scripting. A patch is available on the dev laravel9-php8 branch of the repository.
dev laravel9-php8