cpe:/a:cqu_lankers_project:cqu_lankers:2017-11-02 CVE-2018-17049 2018-09-14T03:29:01.487-04:00 2018-11-09T11:20:30.490-05:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2018-11-01T14:15:18.037-04:00 MISC https://github.com/TREYWANGCQU/LANKERS/issues/1 CQU-LANKERS through 2017-11-02 has XSS via the public/api.php callback parameter in an uploadpic action.