There are multiple Persistent XSS vulnerabilities in Radiant CMS 1.1.4. They affect Personal Preferences (Name and Username) and Configuration (Site Title, Dev Site Domain, Page Parts, and Page Fields).

References

• https://nvd.nist.gov/vuln/detail/CVE-2018-7261
• https://web.archive.org/web/20200227130121/http://www.securityfocus.com/bid/103080
• https://web.archive.org/web/20201209055741/http://www.securityfocus.com/archive/1/541798/100/0/threaded