An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is XSS in invitation mail received from a different user, who can modify the HTML in that mail before sending it.
https://www.excellium-services.com/cert-xlm-advisory/cve-2018-10213/