CVE-2017-17948

CVE-2017-17948

Cells Blog 3.5 has XSS via the jfdname parameter in an act=showpic request.

Source: CVE-2017-17948