Auracms · Auracms · CVE-2018-15199
**Name of the Vulnerable Software and Affected Versions**
AuraCMS version 2.3
**Description**
The issue allows for XSS via a specific action, `Bukutamu -> AddGuestbook`.
**Recommendations**
For AuraCMS version 2.3, consider restricting access to the `AddGuestbook` action in `Bukutamu` until a patch is available.