CVE-2018-7057by Jeremyin Security Bulletinson Posted on February 15, 2018 RoomWizard before 4.4.x allows XSS via the HelpAction.action pageName parameter.