CVE-2018-11227

Monstra CMS before 3.0.4 has XSS via index.php.
Source: NIST
CVE-2018-11227