Cross-Site Scripting Vulnerability in BlackCat CMS by BlackCat
CVE-2014-5259

Currently unrated

Key Information:

Vendor: Blackcat-cms
Status: Blackcat Cms
Vendor: CVE Published:; 12 September 2014

🔔 Create Blackcat-cms Vulnerability Alert

What is CVE-2014-5259?

A cross-site scripting vulnerability exists in the CatTranslate JQuery plugin for BlackCat CMS, allowing attackers to inject malicious web scripts or HTML through the 'msg' parameter. This can potentially lead to unauthorized access, data theft, or manipulation of web content by executing malicious scripts in the context of the user’s browser.

References

http://www.securityfocus.com/archive/1/533336/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/69551

vdb-entryx_refsource_BID

http://forum.blackcat-cms.org/viewtopic.php?f=2&t=263

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 12, 2014
Vulnerability Reserved
Aug 15, 2014

JSON