CVE-2018-14686

system/editbook.php in XYCMS 1.7 has stored XSS via a crafted adddo.php request, related to addbook.php...