2 matches found
CVE-2023-26847
A stored cross-site scripting XSS vulnerability in OpenCATS v0.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the state parameter at opencats/index.php?m=candidates...
CVE-2022-48012
Opencats v0.9.7 was discovered to contain a reflected cross-site scripting XSS vulnerability via the component /opencats/index.php?m=settings&a=ajaxtagsupd...