CVE-2014-5259 Information

Description

Cross-site scripting (XSS) vulnerability in cattranslate.php in the CatTranslate JQuery plugin in BlackCat CMS 1.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter.

Reference

http://forum.blackcat-cms.org/viewtopic.php?f=2&t=263 http://packetstormsecurity.com/files/128141/BlackCat-CMS-1.0.3-Cross-Site-Scripting.html http://www.securityfocus.com/archive/1/533336/100/0/threaded http://www.securityfocus.com/bid/69551 https://exchange.xforce.ibmcloud.com/vulnerabilities/95717 https://www.htbridge.com/advisory/HTB23228