Catfish CMS Cross-Site Scripting Vulnerability
Catfish CMS is an open source content management system CMS written in PHP. A cross-site scripting vulnerability exists in comments in Catfish CMS version 4.7.21. A remote attacker can exploit this vulnerability by sending the 'pinglun' parameter to cat/index/index/pinglun to inject arbitrary web...