CVE-2026-34569 | ci4-cms-erp ci4ms 0.28.5.0 category title cross site scripting (GHSA-fhrf-q333-82fm)

Inserito da Angelo Barbosa | Apr 2, 2026 | CVE

A vulnerability classified as problematic was found in ci4-cms-erp ci4ms 0.28.5.0. Affected by this vulnerability is an unknown functionality. The manipulation of the argument category title results in cross site scripting.

This vulnerability is identified as CVE-2026-34569. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is advised.

CVE-2026-34569 | ci4-cms-erp ci4ms 0.28.5.0 category title cross site scripting (GHSA-fhrf-q333-82fm)

Post correlati

CVE-2024-50810 | hopetree izone c011b48 Article Comment appscommentviews.py AddCommintView cross site scripting (Issue 289)

CVE-2024-24938 | JetBrains TeamCity prior 2023.11.2 Kotlin DSL Documentation path traversal

CVE-2026-1371 | Tutor LMS Plugin up to 3.9.5 on WordPress Coupon Details ajax_coupon_details authorization

CVE-2025-47687 | StoreKeeper for WooCommerce Plugin up to 14.4.4 on WordPress unrestricted upload