Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

XSS in Blackcat cms v1.2 #373

Closed
faizzaidi opened this issue Jun 21, 2017 · 3 comments
Closed

XSS in Blackcat cms v1.2 #373

faizzaidi opened this issue Jun 21, 2017 · 3 comments
Assignees
@webbird
Labels
security
Milestone
v1.3

Comments

@faizzaidi
Copy link

Hello,

I would like to report a vulnerability that I have found on Blackcat cms v1.2 in which Cross Site Scripting(XSS) attack is possible.

For details please go through attached document.

Blackcat cms v1.2 xss POC by Provensec llc.pdf

Regards,
Faiz Ahmed Zaidi
@BlackCatDevelopment BlackCatDevelopment deleted a comment from faizzaidi Jun 22, 2017
@webbird
Copy link
Contributor

webbird commented Jun 22, 2017

Deleted the PDF to protect our users.

Thank you for testing and reporting this issue. We will fix it as soon as possible.

@webbird webbird self-assigned this Jun 22, 2017
@webbird webbird added this to the v1.2.3 milestone Jun 22, 2017
webbird pushed a commit that referenced this issue Jun 22, 2017
fix for issue #373
0db8a84
@faizzaidi
Copy link
Author

Hello,
Did you guys patch that vulnerability?

@webbird
Copy link
Contributor

webbird commented Jul 7, 2017

Sure, see the commit. :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@webbird webbird

Labels
security
Projects
None yet
Milestone
v1.3
Development

No branches or pull requests
2 participants
@webbird @faizzaidi