In the 5.4.0 version of the Fork CMS software, HTML Injection and Stored XSS vulnerabilities were discovered via the /backend/ajax URI.Referenceshttps://packetstormsecurity.com/files/149596/CVE-2018-17595.txt
