CVE-2018-19892by Jeremyin Security Bulletinson Posted on December 6, 2018 DomainMOD through 4.11.01 has XSS via the admin/dw/add-server.php DisplayName, HostName, or UserName field.