In BlackCat CMS 1.2, backend/settings/ajax_save_settings.php allows remote authenticated users to conduct XSS attacks via the Website header or Website footer field.
CPE | Name | Operator | Version |
---|---|---|---|
blackcatcms | eq | 1.0.2 | |
blackcatcms | eq | 1.0.1 | |
blackcatcms | eq | 1.0 | |
blackcatcms | eq | 1.0.3 | |
blackcatcms | eq | 1.0.2a | |
blackcatcms | eq | 1.2 | |
blackcatcms | eq | 1.1 |