CVE-2018-17034by Jeremyin Security Bulletinson Posted on September 14, 2018 UCMS 1.4.6 has XSS via the install/index.php mysql_dbname parameter.