The provided text describes a cross-site scripting (XSS) vulnerability in ArcademSX version 2.904, where user-supplied input via the 'cat' parameter is not properly sanitized. This allows arbitrary script execution in the context of the affected site.
Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:ArcademSX version 2.904
No auth needed
Prerequisites:Access to the vulnerable web application