CVE-2018-18738
An XSS vulnerability (CVE-2018-18738) affects SEMCMS 3.4, exploitable via the admin/SEMCMS_Categories.php?pid=1&lgid=1&category_key parameter. The vulnerability is due to unsafely handled input in the category_key field, enabling injection of arbitrary web script/HTML. Reported impact metrics ind...