Public CVE-2020-8162 disclosure

Navigate CMS 2.9 allows XSS via the Alias or Real URL field of the "Web Sites > Create > Aliases > Add" screen.