CVE-2023-53891

UNKNOWN 0.0

Blackcat CMS 1.4 Stored Cross-Site Scripting via Page Modification

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Blackcat CMS 1.4 contains a stored cross-site scripting vulnerability that allows authenticated users to inject malicious scripts into page content. Attackers can insert JavaScript payloads in the page modification interface that execute when other users view the compromised page.

CWE	CWE-79
Vendor	blackcat-cms
Product	blackcat cms
Published	Dec 15, 2025
Last Updated	Apr 7, 2026

Stay Ahead of the Next One

Get instant alerts for blackcat-cms blackcat cms

Be the first to know when new unknown vulnerabilities affecting blackcat-cms blackcat cms are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

blackcat-cms / Blackcat CMS

1.4

References

NVD ↗ CVE.org ↗ EPSS Data ↗

exploit-db.com: https://www.exploit-db.com/exploits/51604 blackcat-cms.org: https://blackcat-cms.org/ vulncheck.com: https://www.vulncheck.com/advisories/blackcat-cms-stored-cross-site-scripting-via-page-modification

Credits

Mirabbas Ağalarov