Medium severity5.4NVD Advisory· Published Jul 17, 2017· Updated Jun 17, 2026
CVE-2017-9609
CVE-2017-9609
Description
Cross-site scripting (XSS) vulnerability in Blackcat CMS 1.2 allows remote authenticated users to inject arbitrary web script or HTML via the map_language parameter to backend/pages/lang_settings.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:blackcat-cms:blackcat_cms:1.2:*:*:*:*:*:*:*
- Range: = 1.2
Patches
Vulnerability mechanics
References
2- github.com/BlackCatDevelopment/BlackCatCMS/issues/373nvdIssue TrackingPatchThird Party Advisory
- packetstormsecurity.com/files/143103/Blackcat-CMS-1.2-Cross-Site-Scripting.htmlnvdExploitThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.