Public CVE-2018-19090 disclosure

tianti 2.3 has reflected XSS in the user management module via the tianti-module-admin/user/list userName parameter.