CVE-2019-11504

Zotonic before version 0.47 has mod_admin XSS.
Source: NIST
CVE-2019-11504