Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote malicious users to run arbirtary code via the callback parameter to /cms/notify.
feehi feehicms 2.1.1