Eoniboogie

**Name of the Vulnerable Software and Affected Versions** FluentCMS version 1.2.3 **Description** Cross Site Scripting (XSS) exists in the TextHTML plugin. XSS is a flaw that allows an attacker to inject malicious scripts into web pages viewed by other users. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FluentCMS version 1.2.3 **Description** The application does not properly sanitize input in the `<head>` section, which can allow remote attackers to inject arbitrary script tags. This issue was identified after logging in as an administrator and navigating to the "Add Page" function. The issue is a cross-site scripting (XSS) condition. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.