tianti 2.3 has reflected XSS in the user management module via the tianti-module-admin/user/list userName parameter.Referenceshttps://github.com/xujeff/tianti/issues/27
