CVE-2018-19136by Jeremyin Security Bulletinson Posted on November 9, 2018 DomainMOD through 4.11.01 has XSS via the assets/edit/registrar-account.php raid parameter.