CVE-2018-7198

CVE-2018-7198

October CMS through 1.0.431 allows XSS by entering HTML on the Add Posts page.

Source: CVE-2018-7198