CVE-2018-15678
BTITeam XBTIT 2.5.4 contains a reflected cross-site scripting (XSS) vulnerability in the sign-up page ( /index.php?page=signup ) via the act parameter. The NVD entry CVE-2018-15678 documents this issue with CVSS v2 base score 4.3 ( MEDIUM ) and CVSS v3 base score 6.1 ( MEDIUM ), indicating networ...