CVE-2018-19546
JTBC(PHP) 3.0.1.7 is affected by a CSRF vulnerability exploitable through console/xml/manage.php?type=action&action=edit, demonstrated by an XSS payload in the content parameter. The NVD entry assigns CVSSv3.0 base score 8.8 (vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), with network acc...