2021-07-09 21:55:58
mitre
PUBLISHED
A stored cross site scripting (XSS) vulnerability in the Admin-Tools feature of BlackCat CMS 1.3.6 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payloads entered into the Output Filters and Droplets modules.