CVE-2018-11343
ASUSTOR SoundsGood's playlistmanger.cgi is vulnerable to persistent XSS via the playlist POST parameter. The cited CNVD entry states a remote attacker can inject arbitrary script/HTML and notes the payload could potentially lead to obtaining a valid SID value. The vulnerability details (affected ...