Leerina

Name of the Vulnerable Software and Affected Versions: cszcms version 1.2.9 Description: A stored cross-site scripting (XSS) issue exists in the /admin/pages/new "API Endpoint" via the `content` parameter. This allows for malicious script execution. Recommendations: For cszcms version 1.2.9, as a temporary workaround, consider restricting access to the /admin/pages/new endpoint until a patch is available. Avoid using the `content` parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.