CVE-2026-34559 | ci4-cms-erp ci4ms 0.28.5.0 tag name cross site scripting (GHSA-4333-387x-w245)

Inserito da Angelo Barbosa | Apr 2, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in ci4-cms-erp ci4ms 0.28.5.0. Affected by this issue is some unknown functionality. This manipulation of the argument tag name causes cross site scripting.

This vulnerability is tracked as CVE-2026-34559. The attack is possible to be carried out remotely. No exploit exists.

It is advisable to upgrade the affected component.

CVE-2026-34559 | ci4-cms-erp ci4ms 0.28.5.0 tag name cross site scripting (GHSA-4333-387x-w245)

Post correlati

CVE-2024-9878 | 10Web Photo Gallery Plugin up to 1.8.30 on WordPress cross site scripting

CVE-2024-6538 | Red Hat OpenShift Container Platform 4 internet server-side request forgery

CVE-2024-47196 | Siemens ModelSim/Questa prior 2024.3 vsimk.exe uncontrolled search path (ssa-426509)

CVE-2024-0753 | Mozilla Firefox up to 115.6 HSTS information disclosure