CVE-2020-23962
This CVE-2020-23962 is a documented XSS vulnerability in Catfish CMS 4.9.90. The flaw allows an attacker to inject arbitrary web scripts/HTML via the announcement_gonggao parameter, enabling script execution in the victim’s browser. The affected component is Catfish CMS (version 4.9.90); the root...