CVE-2021-25295

OpenCATS through 0.9.5-3 has multiple Cross-site Scripting (XSS) issues.

References

https://snoopysecurity.github.io/web-application-security/2021/01/16/09_opencats_php_object_injection.html

https://github.com/snoopysecurity/snoopysecurity.github.io/blob/master/web-application-security/2021/01/16/09_opencats_php_object_injection.html

https://www.opencats.org/news/