CVE-2019-17488

b3log Symphony (aka Sym) before 3.6.0 has XSS via the HTTP User-Agent header.