CVE-2026-34569 | ci4-cms-erp ci4ms 0.28.5.0 category title cross site scripting (GHSA-fhrf-q333-82fm)

Inserito da Angelo Barbosa | Apr 2, 2026 | CVE

A vulnerability classified as problematic was found in ci4-cms-erp ci4ms 0.28.5.0. Affected by this vulnerability is an unknown functionality. The manipulation of the argument category title results in cross site scripting.

This vulnerability is identified as CVE-2026-34569. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is advised.

CVE-2026-34569 | ci4-cms-erp ci4ms 0.28.5.0 category title cross site scripting (GHSA-fhrf-q333-82fm)

Post correlati

CVE-2026-32748 | Squid Web Proxy up to 3.5.28/4.17/5.9/6.14/7.4 ICP Request denial of service

CVE-2024-13774 | wpcodefactory Wishlist for WooCommerce Plugin up to 3.1.7 on WordPress Setting save_to_multiple_wishlist cross-site request forgery

CVE-2025-62761 | BasePress Knowledge Base Documentation & Wiki Plugin up to 2.17.0.1 on WordPress cross site scripting

CVE-2024-1621 | NT-ware uniFLOW Online up to 2024.1.0 Registration verification of source