A stored xss in tianma-static module versions <=1.0.4 allows an attacker to execute arbitrary javascript.Referenceshttps://hackerone.com/reports/403692
