CVE-2017-11179

FineCMS through 2017-07-11 has stored XSS in route=admin when modifying user information, and in route=register when registering a user account.