Cross Site Scripting (XSS) vulnerability exists in index.html in AFI WebACMS up to and including 2.1.0 via the the ID parameter.
afi-solutions webacms