Emily Gosney

**Name of the Vulnerable Software and Affected Versions** CU Solutions Group (CUSG) Content Management System (CMS) versions prior to 7.75 **Description** A Cross Site Scripting (XSS) issue allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the "login.php" component. **Recommendations** For versions prior to 7.75, update to version 7.75 or later to resolve the issue. As a temporary workaround, consider restricting access to the "login.php" component until a patch is available.

**Name of the Vulnerable Software and Affected Versions** CU Solutions Group (CUSG) Content Management System (CMS) versions prior to 7.75 **Description** A Cross Site Scripting (XSS) issue allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the `users.php` component. **Recommendations** For versions prior to 7.75, update to version 7.75 or later to resolve the issue. As a temporary workaround, consider restricting access to the `users.php` component until a patch is available.

**Name of the Vulnerable Software and Affected Versions** CU Solutions Group (CUSG) Content Management System (CMS) versions prior to 7.75 **Description** The issue is related to a Blind SQL Injection vulnerability in the pages.php component, which can be exploited by a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information. This is due to the lack of protection measures for the SQL query structure. **Recommendations** For versions prior to 7.75, update to version 7.75 or later to resolve the issue. As a temporary workaround, consider restricting access to the pages.php component until a patch is available.