JAF CMS version 4.0 suffers from a cross site scripting vulnerability.
bc711f92bd4f5743950a47e03a711bc7f52aca95fb478363810a2cf354c9c6e9
JAF CMS - 4.0 Cross Site Scripting Vulnerability
Source: http://sourceforge.net/projects/jaf-cms/
Author: Arham Muhammad
POC: http://site/path/index.php?show="><script>alert(/xss/);</script>
There Is No Sign Of Filteration In Jaf-Cms, Making It Prune To Xss
And Session Hijacking!