Balvindersingh23

**Name of the Vulnerable Software and Affected Versions** BlackCatCMS version 1.3 **Description** A cross-site scripting (XSS) issue exists, allowing remote authenticated users with the Admin role to inject arbitrary web script or HTML via the search panel in backend/pages/modify.php. **Recommendations** For BlackCatCMS version 1.3, as a temporary workaround, consider restricting access to the `search panel` in `backend/pages/modify.php` to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.