Cross-site scripting (XSS) vulnerability in Kasseler CMS prior to 2 r1232 allows remote authenticated users with permissions to create categories to inject arbitrary web script or HTML via the cat parameter in an admin_new_category action to admin.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
kasseler-cms kasseler-cms |