Persistent Cross-Site Scripting (XSS) vulnerability in the "Categories" feature in SeedDMS (formerly LetoDMS and MyDMS) before 5.1.8 allows remote attackers to inject arbitrary web script or HTML via the name field.Referenceshttps://sourceforge.net/p/seeddms/code/ci/seeddms-5.1.x/tree/CHANGELOGhttps://www.contextis.com/resources/advisories/cve-2018-12944
