CVE-2018-14481
OSClass 3.7.4 is affected by CVE-2018-14481: it has Cross-Site Scripting (XSS) via the query string to index.php (notably in the OSClass 3.7.4 release, separate from CVE-2014-6280). Other connected sources describe multiple XSS vulnerabilities in OSClass 3.7.4, including potential reflections and...