Ia9D7F

**Name of the Vulnerable Software and Affected Versions** heyewei SpringBootCMS up to 2024-05-28 **Description** A vulnerability has been found in the Guestbook Handler component of heyewei SpringBootCMS, affecting an unknown function of the file /guestbook. The manipulation of the `Content` argument leads to cross-site scripting. This issue can be exploited remotely. **Recommendations** For heyewei SpringBootCMS up to 2024-05-28, as a temporary workaround, consider restricting access to the /guestbook file until a patch is available. Avoid using the `Content` argument in the affected Guestbook Handler component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.