2018-02-27 21:00:00
mitre
PUBLISHED
lyadmin 1.x has XSS via the config[WEB_SITE_TITLE] parameter to the /admin.php?s=/admin/config/groupsave.html URI.