[LOW] October CMS: Reflected XSS via DataTable Form Widget

PKSA-drxd-zbt8-s1kh CVE-2026-27937 GHSA-jj38-h5w5-mvpf

Affected package: october/system

Affected version: >=4.0.0,<4.1.16|<3.7.16

Reported by:
GitHub