CVE-2018-20136
CVE-2018-20136 affects FUEL CMS 1.4.3, where an XSS flaw exists in the Header or Body within Layout Variables during new-page creation (demonstrated via pages/edit/1?lang=english). The root cause is input reflected in layout variables, enabling script injection. Impact is cross-site scripting; ex...