CVE-2023-53891

Blackcat CMS 1.4 Stored Cross-Site Scripting via Page Modification

CVSS 5.1 MEDIUMEPSS 0.2%CWE-79

Blackcat CMS 1.4 contains a stored cross-site scripting vulnerability that allows authenticated users to inject malicious scripts into page content. Attackers can insert JavaScript payloads in the page modification interface that execute when other users view the compromised page.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N

Produtos afetados

blackcat-cms · Blackcat CMS

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://blackcat-cms.org/https://www.exploit-db.com/exploits/51604 https://www.vulncheck.com/advisories/blackcat-cms-stored-cross-site-scripting-via-page-modification