No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article "keyword" parameter.Referenceshttps://github.com/security-breachlock/CVE-2018-19902/blob/master/XSS.pdf
