CVE-2018-1000856
DomainMOD 4.11.01 is vulnerable to cross-site scripting via the segments/add.php Segment Name field. The root cause is an XSS flaw in that input, allowing attackers to execute arbitrary JavaScript in the victim’s browser (CWE-79). Impact may include session hijacking, defacement, or data theft as...