CVE-2018-18540
TeaKKi 2.7 contains a Cross-Site Scripting (XSS) vulnerability exploitable via a crafted onerror attribute in an image tag to set the picture URL. Public sources (NVD and CNVD entries) describe this onerror-based XSS as the root issue affecting TeaKKi 2.7; the exact technical exploit details are ...