CVE-2018-17039by Jeremyin Security Bulletinson Posted on September 14, 2018 MiniCMS 1.10, when Internet Explorer is used, allows XSS via a crafted URI because $_SERVER[‘REQUEST_URI’] is mishandled.