Information from Nippon Institute of Agroinformatics Ltd.

An installer of SOY CMS has XSS vulnerability.

Affected version: 1.8.12 and lower

Fixed version: 1.8.13 (published on 19th April, 2017)

Solution
1. Update to the fixed version.
or
2. Delete an installer after you have installed SOY CMS.

Other information
1. If you have already delete an installer, there is no vulnerability relating this issue.
2. This vulnerability is not an vulnerability of SOY CMS itself.