MODX Revolution 2.6.3 has XSS.
CWE-79
CVE-2018-10383
Lantronix SecureLinx Spider (SLS) 2.2+ devices have XSS in the auth.asp login page.
CVE-2018-10391
An issue was discovered in WUZHI CMS 4.1.0. There is XSS via the email parameter to the index.php?m=member&v=register URI.
CVE-2018-10314
Cross-site scripting (XSS) vulnerability in Open-AudIT Community 2.2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted name of a component, as demonstrated by the action parameter in the Discover -> Audit Scripts -> List Scripts -> Download section.
CVE-2018-10318
Frog CMS 0.9.5 has XSS via the admin/?/page/edit page[keywords] parameter, aka Edit Page Metadata.
CVE-2018-10319
Frog CMS 0.9.5 has XSS via the admin/?/snippet/edit snippet[name] parameter, aka Edit Snippet.
