source: https://www.securityfocus.com/bid/53181/info
Anchor CMS is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input.
Attacker-supplied HTML and script code could be executed in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks may also be possible.
Anchor CMS 0.6-14-ga85d0a0 is vulnerable; other versions may also be affected.
Anchor CMS v0.6 Multiple Persistent XSS Vulnerabilities
XSS 0
XSS 1
XSS 2
XSS 3
XSS 4
XSS 5
XSS 6