CVE-2009-2228

Cross-site scripting (XSS) vulnerability in engine.php in Kasseler CMS allows remote attackers to inject arbitrary web script or HTML via the url parameter in a redirect action.