Cross-site scripting (XSS) vulnerability in Kasseler CMS before 2 r1232 allows remote authenticated users with permissions to create categories to inject arbitrary web script or HTML via the cat. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.
XSS
PHP
Kasseler Cms
NVD
Exploit-DB
VulDB
CVSS 2.0
3.5
EPSS
0.9%