CVE-2018-14527
CVE-2018-14527 affects Xiao5uCompany/“Xiao5uCompany” v1.7. Reported as an XSS vulnerability where Feedback.asp is not adequately protected by Safe.asp (e.g., it handles SCRIPT/IMG but not VIDEO). CNVD sources describe a stored XSS in School Worry-free Enterprise Website System v1.7, enabling an a...