CVE-2018-18741

Name of the Vulnerable Software and Affected Versions SEMCMS version 3.4

Description A cross-site scripting (XSS) issue was found in the software. The issue is related to the "admin/SEMCMS Download.php" endpoint, specifically when the lgid parameter is set to "1" during editing.

Recommendations For SEMCMS version 3.4, update to a version that includes a fix for this issue, as using the current version may pose a security risk. At the moment, there is no information about a newer version that contains a fix for this vulnerability.