Cross-site scripting (XSS) vulnerability in EasyCTF before 1.4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.Referenceshttp://jvn.jp/en/jp/JVN07538357/index.htmlhttp://jvndb.jvn.jp/jvndb/JVNDB-2015-000061http://jvn.jp/en/jp/JVN07538357/995657/index.html
