PT-2018-13854 · Minicms · Minicms

Glo0M7 · Published 2018-09-14 · Updated 2018-11-08 · CVE-2018-17039

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

MiniCMS version 1.10

Description

The issue allows XSS via a crafted URI because $_SERVER['REQUEST_URI'] is mishandled when Internet Explorer is used.

Recommendations

For MiniCMS version 1.10, consider validating and sanitizing user input to prevent exploitation of this issue, specifically when handling the REQUEST_URI variable. As a temporary workaround, restrict access to the application when using Internet Explorer until a proper fix is applied.
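
The recommendation above, as an added example that is not MiniCMS code: it shows raw REQUEST_URI reflected into markup next to a validated and HTML-encoded version. The function names, the form-tag context and the sample URIs are assumptions made for illustration.

```php
<?php
// Added example, not MiniCMS code. Function names and sample URIs are hypothetical.

// Pattern that leads to reflected XSS: raw REQUEST_URI placed in markup.
function form_tag_unsafe(array $server): string
{
    return '<form method="post" action="' . $server['REQUEST_URI'] . '">';
}

// Hardened form: accept only a local path, then HTML-encode for the attribute.
function form_tag_safe(array $server): string
{
    $uri = $server['REQUEST_URI'] ?? '/';

    // Fall back to "/" for anything that is not a plain local path + query:
    // control characters, a missing leading slash, or a "//host" form.
    if (!is_string($uri)
        || preg_match('/[\x00-\x1F\x7F]/', $uri)
        || $uri === '' || $uri[0] !== '/'
        || strncmp($uri, '//', 2) === 0) {
        $uri = '/';
    }

    // ENT_QUOTES encodes both quote styles; ENT_SUBSTITUTE replaces invalid
    // UTF-8 instead of returning an empty string.
    $encoded = htmlspecialchars($uri, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<form method="post" action="' . $encoded . '">';
}

// Constructed inputs: the second is what the server sees when markup
// characters in the query string arrive without percent-encoding.
$samples = [
    '/index.php?page=2',
    '/index.php?q="><em>marker</em>',
];

foreach ($samples as $uri) {
    $server = ['REQUEST_URI' => $uri];
    echo "unsafe: ", form_tag_unsafe($server), "\n";
    echo "safe:   ", form_tag_safe($server), "\n\n";
}
```

In the second sample the unsafe output closes the action attribute and carries the markup into the page, while the safe output keeps it inside the attribute as &quot;, &lt; and &gt; entities.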

XSS

Weakness Enumeration

Related Identifiers

CVE-2018-17039

Affected Products

Minicms