CVE-2018-20476
Affected software: S-CMS 3.0. The vulnerability is an XSS in admin/demo.php via the T_id parameter, caused by inadequate input filtering of T_id. Impact: remote attackers can inject arbitrary Web script or HTML that executes in the context of a user’s browser. Exploitation: described as XSS via t...