CVE-2018-16626 (typesetter)

index.php/Admin/Classes in Typesetter 5.1 allows XSS via the description of a new class name.
Source: NIST
CVE-2018-16626 (typesetter)