CVE-2017-17972

packages/subjects/pub/subjects.php in Archon 3.21 rev-1 has XSS in the referer parameter in an index.php?subjecttypeid=xxx request, aka Open Bug Bounty ID OBB-466362. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt