nc-cms cross-site scripting vulnerability (CNVD-2018-21238 )
nc-cms is a PHP-based embeddable lightweight CMS Content Management System. A cross-site scripting vulnerability exists in the index.php?action=edithtml page in nc-cms 2017-03-10 and earlier versions. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML with the...