CVE-2017-11716
MetInfo vulnerable to stored XSS through HTML Edit Mode in versions up to 5.3.17 (CVE-2017-11716). Affected software: MetInfo CMS. Root cause: HTML Edit Mode allows injection of arbitrary scripts; impact includes partial integrity concerns and possible user impersonation in the web UI. No explici...