Hamm0Nz

**Name of the Vulnerable Software and Affected Versions** Subrion CMS version 4.2.1 **Description** A Cross Site Scripting (XSS) issue exists via the `q` parameter in the Kickstart template, allowing for potential malicious script execution. **Recommendations** For Subrion CMS version 4.2.1, consider disabling the Kickstart template or restricting access to the `q` parameter until a patch is available. Avoid using the `q` parameter in the affected template to minimize the risk of exploitation.