← volver
CVE-2023-53891

Blackcat CMS 1.4 Stored Cross-Site Scripting via Page Modification

CVSS 5.1 MEDIUMEPSS 0.2%CWE-79
Blackcat CMS 1.4 contains a stored cross-site scripting vulnerability that allows authenticated users to inject malicious scripts into page content. Attackers can insert JavaScript payloads in the page modification interface that execute when other users view the compromised page.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
Productos afectados
blackcat-cms · Blackcat CMS

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://blackcat-cms.org/https://www.exploit-db.com/exploits/51604https://www.vulncheck.com/advisories/blackcat-cms-stored-cross-site-scripting-via-page-modification