CVE-2018-15583 (gnuboard5)

Cross-Site Scripting (XSS) vulnerability in point_list.php in GNUBOARD5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML via the popup title parameter.
Source: NIST
CVE-2018-15583 (gnuboard5)