This indicates a Cross-site scripting (XSS) vulnerability in Drake CMS. This issue due to input validation errors in the "admin/classes/ui.dta.php" scripts when processing the "desc[title]" parameter. It allows remote attackers to inject arbitrary web scripts or HTML.
Drake CMS 0.3.7 Beta
Drake CMS 0.3.7
Currently we are not aware of any official supplied fix for issue.
Vendor's Web Site: http://www.drakecms.org/.