CVE-2023-41597

Name of the Vulnerable Software and Affected Versions EyouCms version 1.6.2

Description A reflected cross-site scripting (XSS) issue was found in the component "/admin/twitter.php?active t". This issue can be exploited to execute malicious scripts.

Recommendations For EyouCms version 1.6.2, as a temporary workaround, consider restricting access to the "/admin/twitter.php" endpoint until a patch is available. Avoid using the active t parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.