4Unkur

**Name of the Vulnerable Software and Affected Versions** Subrion CMS version 4.2.2 **Description** A Cross Site Scripting (XSS) issue exists when adding a blog and then editing an image file. This allows for potential malicious script execution. **Recommendations** For Subrion CMS version 4.2.2, update to a version that contains a fix for this issue, as the current version is affected by the XSS vulnerability when editing image files after adding a blog. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Subrion version 4.2.1 **Description** The issue is related to Stored XSS that can be exploited via the admin panel URL configuration. **Recommendations** For Subrion version 4.2.1, update to a newer version that contains a fix for this issue, if available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.