Lsg2409

**Name of the Vulnerable Software and Affected Versions** Subrion CMS version 4.1.4 **Description** The issue is a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via the body to "blog/add/". This enables attackers to execute malicious scripts on the client-side, potentially leading to unauthorized actions or data theft. **Recommendations** For Subrion CMS version 4.1.4, update to a newer version that contains a fix for this issue, as using outdated software can expose users to security risks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.