CVE-2018-16406
The CVE-2018-16406 entry affects Mayan EDMS prior to 3.0.2, specifically via the Cabinets app where a crafted cabinet label enables cross-site scripting (XSS). The root cause is an XSS vulnerability in the cabinets widget that processes cabinet labels without sufficient sanitization. Impact is XS...