UCMS 1.4.7 has XSS via the description parameter in an index.php list_editpost action.
ucms project ucms 1.4.7