Posted by ITAS Team on Jan 12
# Exploit Title: XSS Vulnerability in Fork CMS 3.8.3
# Google Dork: N/A
# Date: 12/26/2014
# Exploit Author: Le Ngoc phi (phi.n.le () itas vn) and ITAS Team (www.itas.vn)
# Vendor Homepage: http://www.fork-cms.com
# Software Link: http://www.fork-cms.com/blog/detail/fork-3.8.4-released
# Version: Fork 3.8.3
# Tested on: N/A
# CVE : CVE-2014-9470
::VULNERABILITY DETAIL::
– Vulnerable parameter: q_widget
– Vulnerable file:…