Pligg CMS 1.2.1 Cross Site Scripting / Local File Inclusion

Advisory ID: HTB23089 Product: Pligg CMS Vendor: Pligg, LLC. Vulnerable Versions: 1.2.1 and probably prior Tested Version: 1.2.1 Vendor Notification: 25 April 2012 Vendor Patch: 18 May 2012 Public Disclosure: 23 May 2012 Vulnerability Type: Local File Inclusion, Cross-Site Scripting XSS CVE...