CVE-2018-12624

An issue was discovered in Eventum 3.5.0. /htdocs/post_note.php has XSS via the garlic_prefix parameter.
Source: NIST
CVE-2018-12624