CVE-2019-19858
Serpico (SimplE RePort wrIting and CollaboratiOn tool) 1.3.0 contains a stored XSS vulnerability in the admin/add_user/UID path via the author parameter. The issue is documented across multiple sources (NVD, OSV, CVE records) with the root cause described as lack of proper validation on client-si...