CVE-2018-20302
Steve Pallen Xain is affected by an XSS vulnerability in versions prior to 0.6.2, exploitable via the order parameter. The issue is reported across multiple sources (CVE-2018-20302, related advisories). Remediation: upgrade to Xain 0.6.2 or newer to mitigate.