CVE-2018-12919
In CraftedWeb through 2013-09-24, aasp_includes/pages/notice.php allows XSS via the e parameter.
6.1CVSS
5.9AI Score
0.002EPSS
CVE-2018-16450
CraftedWeb through 2013-09-24 has reflected XSS via the p parameter.
6AI Score
0.001EPSS