Funadmin

**Name of the Vulnerable Software and Affected Versions** Funadmin versions up to 3.2.3 **Description** A vulnerability has been found in the function `tagLoad` of the file `Cx.php`. The manipulation of the argument `file` leads to cross-site scripting. The attack can be launched remotely. **Recommendations** For versions up to 3.2.3, consider disabling the `tagLoad` function in the `Cx.php` file as a temporary workaround to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.