Cross-site scripting (XSS) vulnerability in edit/showmedia.asp in doITLive CMS 2.50 and earlier allows remote attackers to inject arbitrary web script or HTML via the FILE parameter.Referenceshttp://www.securityfocus.com/bid/29789http://www.bugreport.ir/?/43https://exchange.xforce.ibmcloud.com/vulnerabilities/43164http://secunia.com/advisories/30705https://www.exploit-db.com/exploits/5849
