CVE-2018-13849

edit_requests.php in yTakkar Instagram-clone through 2018-04-23 has XSS via an onmouseover payload because of an inadequate XSS protection mechanism based on preg_replace. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt