CVE-2018-16631
Subrion CMS v4.2.1 contains a cross-site scripting flaw exploitable via the panel/configuration/general Site Title parameter. The underlying issue is an XSS vulnerability that could let an attacker inject arbitrary JavaScript into a victim’s browser, potentially compromising sessions or performin...