Liufee

**Name of the Vulnerable Software and Affected Versions** Feehi CMS version 2.1.1 **Description** An authenticated stored cross-site scripting (XSS) issue exists in the creation/editing module. This allows attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into the `Title` parameter. **Recommendations** As a temporary workaround, restrict access to the creation/editing module or avoid using the `Title` parameter until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.