CVE-2023-36291

Name of the Vulnerable Software and Affected Versions Maxsite CMS version 108.7

Description The issue allows a remote attacker to execute arbitrary code via the f content parameter in the "admin/page new" file. This is a Cross Site Scripting vulnerability.

Recommendations For Maxsite CMS version 108.7, consider disabling access to the "admin/page new" file or restricting the use of the f content parameter until a patch is available. Avoid using the f content parameter in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.