
Beetrio189

Rank #30243 of 53,630 · 8.7 Total CVSS · Vulnerabilities: 1

PT-2026-41388 · CVSS 8.7 · 2026-05-15 · Unknown · Nukeviet Cms · CVE-2026-41147
**Name of the Vulnerable Software and Affected Versions**

NukeViet CMS versions prior to 4.5.08

**Description**

Stored Cross-Site Scripting (XSS) occurs due to insufficient server-side input sanitization in the Request class. The application relies on client-side filtering to sanitize HTML tags and attributes, which can be bypassed by modifying HTTP requests. This allows an anonymous visitor to inject malicious payloads that are stored on the server and executed in the browser of any user viewing the content, such as administrators or moderators reviewing comments or contact messages. Potential impacts include session hijacking through cookie theft, unauthorized actions performed under the victim's identity, defacement, redirection to phishing pages, and phishing via manipulated email notifications.

**Recommendations**

Update to version 4.5.08. Implement server-side HTML sanitization in the Request class to strip or encode dangerous tags and attributes such as `<iframe>`, `srcdoc`, and event handlers like `onerror` or `onload`. Enforce a Content Security Policy (CSP) to restrict inline script execution. Set cookies with the `HttpOnly` flag to mitigate cookie theft.
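The recommendations above describe the general defence: sanitize on the server with an allowlist rather than trusting a client-side filter, then cap the impact with CSP and `HttpOnly` cookies. The following is an added illustration of that pattern in Python, not code from NukeViet (whose Request class is PHP) and not taken from the advisory. The tag and attribute allowlist, the `nv_session` cookie name and the CSP value are assumptions chosen for the example; the sample inputs are constructed to resemble payloads that only a client-side filter would have stopped.

```python
"""Allowlist-based server-side HTML sanitizer plus impact-limiting headers.

Added example only; not NukeViet's Request class. The allowlist below is an
assumed policy for user-submitted comments, not the project's real one.
"""
import html
import re
from html.parser import HTMLParser

ALLOWED_TAGS = {"p", "br", "b", "i", "strong", "em", "a",
                "ul", "ol", "li", "blockquote", "code", "pre"}
ALLOWED_ATTRS = {"a": {"href", "title"}}          # every other attribute is dropped
VOID_TAGS = {"br"}
# These tags are removed together with everything inside them.
DROP_WITH_CONTENT = {"script", "style", "iframe", "object", "embed", "svg", "math"}
# Only relative URLs and a few schemes survive; javascript: and data: do not.
SAFE_URL_RE = re.compile(r"^(?:https?:|mailto:|/|#|\?)", re.IGNORECASE)


class AllowlistSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []
        self.stack = []       # open allowed tags, so the output stays balanced
        self.skip_depth = 0   # >0 while inside a DROP_WITH_CONTENT element

    def handle_starttag(self, tag, attrs):
        if self.skip_depth:
            if tag in DROP_WITH_CONTENT:
                self.skip_depth += 1
            return
        if tag in DROP_WITH_CONTENT:
            self.skip_depth = 1
            return
        if tag not in ALLOWED_TAGS:
            return            # unknown tag dropped, its text content kept
        kept = []
        for name, value in attrs:
            name = name.lower()
            # Event handlers (onerror, onload, ...) and srcdoc are never allowed,
            # and anything else must be on the per-tag allowlist.
            if name.startswith("on") or name == "srcdoc" \
                    or name not in ALLOWED_ATTRS.get(tag, set()):
                continue
            value = (value or "").strip()
            if name == "href" and not SAFE_URL_RE.match(value):
                continue
            kept.append(f' {name}="{html.escape(value, quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")
        if tag not in VOID_TAGS:
            self.stack.append(tag)

    def handle_endtag(self, tag):
        if self.skip_depth:
            if tag in DROP_WITH_CONTENT:
                self.skip_depth -= 1
            return
        if tag in self.stack:
            while self.stack:           # close unclosed children first
                open_tag = self.stack.pop()
                self.out.append(f"</{open_tag}>")
                if open_tag == tag:
                    break

    def handle_data(self, data):
        if not self.skip_depth:
            self.out.append(html.escape(data, quote=False))

    def close(self):
        super().close()
        while self.stack:               # close whatever the author left open
            self.out.append(f"</{self.stack.pop()}>")


def sanitize_html(untrusted):
    """Return a sanitized copy of HTML taken from an HTTP request body."""
    parser = AllowlistSanitizer()
    parser.feed(untrusted)
    parser.close()
    return "".join(parser.out)


def security_headers(session_id):
    """Response headers that limit the damage of any XSS that still slips through.

    Cookie name and CSP value are assumptions for this example.
    """
    return {
        "Content-Security-Policy": "default-src 'self'; script-src 'self'; "
                                   "object-src 'none'; base-uri 'self'",
        "Set-Cookie": f"nv_session={session_id}; Path=/; HttpOnly; Secure; SameSite=Lax",
    }


if __name__ == "__main__":
    # Constructed samples: payloads a client-side-only filter would not have seen.
    samples = [
        '<p>Hello <iframe srcdoc="&lt;b&gt;x&lt;/b&gt;"></iframe>world</p>',
        '<img src=x onerror=alert(1)><b onmouseover="alert(1)">bold</b>',
        '<a href="javascript:alert(1)" onclick="alert(1)">link</a>',
        '<a href="https://example.com" title="ok">fine</a><script>alert(1)</script>',
    ]
    for s in samples:
        print(repr(s), "->", repr(sanitize_html(s)))
```

The sanitizer runs on the decoded request body, so it does not matter what the browser-side filter did or did not do before submission. Unknown tags lose their markup but keep their text, while `<script>`, `<iframe>` and similar elements are removed with their contents; attributes are accepted only from an explicit per-tag list, which rules out `on*` handlers and `srcdoc` by construction rather than by pattern-matching payloads.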