CVE-2018-18261 (waimai_super_cms)

In waimai Super Cms 20150505, there is an XSS vulnerability via the /admin.php/Foodcat/addsave fcname parameter.
Source: NIST
CVE-2018-18261 (waimai_super_cms)