CVE-2018-14478 (coppermine_photo_gallery)

ecard.php in Coppermine Photo Gallery (CPG) 1.5.46 has XSS via the sender_name, recipient_email, greetings, or recipient_name parameter.
Source: NIST
CVE-2018-14478 (coppermine_photo_gallery)