Posted by Curesec Research Team (CRT) on Sep 15

Anchor CMS 0.9.2: XSS
Security Advisory – Curesec Research Team

1. Introduction

Affected Product: Anchor CMS 0.9.2
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Contact: Website: http://anchorcms.com/
Vulnerability Type: XSS and Open Redirect
Remote Exploitable: Yes
Reported to vendor: 07/30/2015
Disclosed to public: 09/14/2015
Release mode: Full…