Kasseler · Kasseler Cms · CVE-2009-2228
**Name of the Vulnerable Software and Affected Versions**
Kasseler CMS (affected versions not specified)
**Description**
A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the `url` parameter in a redirect action. This occurs in the `engine.php` file.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.