CVE-2019-13341

In MiniCMS V1.10, stored XSS was found in mc-admin/conf.php (comment box), which can be used to get a user’s cookie.
Source: NIST
CVE-2019-13341