CVE-2019-12930
WIKINDX is affected by a cross-site scripting (XSS) vulnerability in core/navigation/MENU.php (noMenu() and noSubMenu()) prior to version 5.8.1. The issue stems from inadequate validation of client-side data via the method parameter, enabling remote attackers to inject arbitrary web script or HTM...