CVE-2018-7198by Jeremyin Security Bulletinson Posted on February 18, 2018 October CMS through 1.0.431 allows XSS by entering HTML on the Add Posts page.