Security News CVE-2018-20601 by rootdaemon December 29, 2018 UCMS 1.4.7 has XSS via the description parameter in an index.php list_editpost action. Don't forget to shareTweet Tags: CVE201820601