CVE-2017-8780

Name of the Vulnerable Software and Affected Versions GeniXCMS version 1.0.2

Description The issue is triggered by a comment that is mishandled during a publish operation by an administrator. This can be demonstrated by a malformed P element, leading to a cross-site scripting (XSS) issue.

Recommendations For GeniXCMS version 1.0.2, consider disabling the comment publishing feature for administrators until a patch is available to prevent potential exploitation. Restrict access to the publish operation to minimize the risk of XSS attacks.