CVE-2018-17044by Jeremyin Security Bulletinson Posted on September 14, 2018 In YzmCMS 5.1, stored XSS exists via the admin/system_manage/user_config_add.html title parameter.