CVE-2018-14686
The CVE-2018-14686 entry affects XYCMS 1.7 and describes a stored cross-site scripting (XSS) vulnerability in system/edit_book.php, triggered by a crafted request to add_do.php (related to add_book.php). Root cause, as stated, is a malicious payload stored via the add_do.php flow, enabling script...