CVE-2022-45755

Name of the Vulnerable Software and Affected Versions EyouCMS version 1.6.0

Description A cross-site scripting (XSS) issue allows attackers to execute arbitrary code via the home page description on the basic information page. This can be exploited by manipulating the home page description variable. The issue is related to the basic information page, specifically the home page description field, which is vulnerable to XSS attacks.

Recommendations For EyouCMS version 1.6.0, consider removing or restricting the ability to input arbitrary code in the home page description field on the basic information page as a temporary workaround until a patch is available. Restrict access to the basic information page to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.