雨下整夜

**Name of the Vulnerable Software and Affected Versions** Dreamer CMS version 4.1.3 **Description** A stored cross-site scripting (XSS) issue was found in Dreamer CMS via the component /admin/u/toIndex. This allows for malicious scripts to be stored and executed on the site. **Recommendations** For Dreamer CMS version 4.1.3, as a temporary workaround, consider restricting access to the /admin/u/toIndex component until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.