Unrated severity · NVD Advisory · Published Feb 16, 2021 · Updated Aug 3, 2024
CVE-2021-27237
Description
The admin panel in BlackCat CMS 1.3.6 allows stored XSS (by an admin) via the Display Name field to backend/preferences/ajax_save.php.
Affected products
- BlackCat/CMS
- Range: = 1.3.6
References
- github.com/BlackCatDevelopment/BlackCatCMS/commits/release-1.4/upload/backend/preferences/ajax_save.php
- github.com/BlackCatDevelopment/BlackCatCMS/compare/1.3.6...1.4Beta
- www.exploit-db.com/exploits/49565