CVE-2018-19913by Jeremyin Security Bulletinson Posted on December 6, 2018 DomainMOD through 4.11.01 has XSS via the assets/add/registrar-accounts.php UserName, Reseller ID, or notes field.