CVE-2009-1749
Catviz 0.4.0 beta 1 contains multiple XSS in index.php, exploitable via the userman_form and webpages_form parameters. Root cause is improper handling of these inputs, allowing remote injection of arbitrary script/HTML. The vulnerability affects the ability to inject content into pages consumed b...