XSS Vulnerability in BlackCat CMS 1.2 Backend Settings

XSS Vulnerability in BlackCat CMS 1.2 Backend Settings

CVE-2017-14049 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

In BlackCat CMS 1.2, backend/settings/ajax_save_settings.php allows remote authenticated users to conduct XSS attacks via the Website header or Website footer field.

Learn more about our Web App Pen Testing.