Description: Camaleon CMS v2.7.4 was discovered to contain a Cross Site Scripting (store XSS).
Affected Component: All versions that are below 2.7.4
Step to reproduce: Detection and Exploitation:
- Go to seting content group
2.Inject payload : "' test <img src="" onerror="alert(1)"> to name of post type
- Access to admin page. Then the script is execute
POC:
