CVE-2017-14765

Name of the Vulnerable Software and Affected Versions GeniXCMS version 1.1.4

Description The issue concerns an XSS vulnerability. It can be triggered via the Menu ID field in a "page=menus" request to the "gxadmin/index.php" endpoint.

Recommendations For GeniXCMS version 1.1.4, as a temporary workaround, consider restricting access to the "gxadmin/index.php" endpoint, specifically for the "page=menus" request, until a patch is available. Avoid using the Menu ID field in this endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.