CVE-2018-10366

An issue was discovered in the Users (aka Front-end user management) plugin 1.4.5 for October CMS. XSS exists in the name field.

Date published : 2018-04-25

https://github.com/rainlab/user-plugin/commit/098c2bc907443d67e9e18645f850e3de42941d20

https://www.exploit-db.com/exploits/44546/