Kimsq cms has an xss storage vulnerability User Center Profile Storage xss In the theme you can insert the xss code, you can get the administrator's cookie