CVE-2018-5705
Reservo Image Hosting 1.6 is vulnerable to cross-site scripting in the search engine (t parameter of /search). The vulnerability allows code execution via a malicious URL and can lead to session theft of users and admins due to an active login interface. PoC/exploit details are available in publi...