CatfishCMS suffers from a cross-site scripting vulnerability
CatfishCMS is an open source content management system CMS written in PHP. A cross-site scripting vulnerability exists in Catfish CMS version V4.8.27, which can be exploited by a remote attacker to inject arbitrary Web script or HTML by sending the 'pinglun' parameter to the /index/Index/pinglun...