EPSS
Percentile
51.0%
Victor CMS through 2019-02-28 allows XSS via the register.php user_firstname or user_lastname field.
www.exploit-db.com/exploits/48626