Cross-site scripting (XSS) vulnerability in Blackcat CMS 1.2 allows remote authenticated users to inject arbitrary web script or HTML via the map_language parameter to backend/pages/lang_settings.php.
CPE | Name | Operator | Version |
---|---|---|---|
blackcatcms | eq | 1.0.2 | |
blackcatcms | eq | 1.0.1 | |
blackcatcms | eq | 1.0 | |
blackcatcms | eq | 1.0.3 | |
blackcatcms | eq | 1.0.2a | |
blackcatcms | eq | 1.2 | |
blackcatcms | eq | 1.1 |