CVE-2014-4195

Name of the Vulnerable Software and Affected Versions ZeroCMS version 1.0

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the article id parameter in the zero view article.php file.

Recommendations For ZeroCMS version 1.0, avoid using the article id parameter in the vulnerable zero view article.php file until a fix is available. As a temporary workaround, consider restricting access to the zero view article.php file to minimize the risk of exploitation.