CVE-2018-18868
No-CMS 1.1.3 is affected by CVE-2018-18868: a Persistent XSS vulnerability via the contact_us name parameter. Affected component/entry is the input handling for the contact_us form; the underlying cause is improper input handling that allows script content to be stored/executed in the user’s brow...