CVE-2018-20590
CVE-2018-20590 affects the Ivan Cordoba Generic Content Management System (CMS) up to 2018-04-28. The vulnerability is a Cross-Site Scripting (XSS) flaw in the file or path used by the Administrator/users.php user ID. The linked CNVD entry describes that the XSS can allow execution of arbitrary J...