Posted by Curesec Research Team (CRT) on Dec 23

Security Advisory – Curesec Research Team

1. Introduction

Affected Product: CouchCMS 1.4.5
Fixed in: 1.4.7
Fixed Version Link: http://www.couchcms.com/products/
Vendor Website: http://www.couchcms.com/
Vulnerability Type: XSS & Open Redirect
Remote Exploitable: Yes
Reported to vendor: 11/17/2015
Disclosed to public: 12/21/2015
Release mode: Coordinated Release
CVE: n/a
Credits Tim…