CVE-2018-20600
CVE-2018-20600 affects UCMS 1.4.7 where sadmin\cedit.php is vulnerable to cross-site scripting via the index.php sadmin_cedit action. The vulnerability allows injection of arbitrary web script or HTML, with the CVSS 3.0/2.0 metrics indicating network access, no authentication, user interaction re...