Shfen9

**Name of the Vulnerable Software and Affected Versions** eyoucms version 1.6.3 **Description** A stored cross-site scripting (XSS) issue in the custom variables module allows attackers to execute arbitrary web scripts or HTML via a crafted payload. This could potentially lead to the execution of malicious code on the affected system. **Recommendations** For eyoucms version 1.6.3, consider disabling the custom variables module until a patch is available to prevent exploitation of the stored XSS issue. Restrict access to this module to minimize the risk of arbitrary web script or HTML execution.

**Name of the Vulnerable Software and Affected Versions** eyoucms version 1.6.3 **Description** A stored cross-site scripting issue in the Column management module allows attackers to execute arbitrary web scripts or HTML via a crafted payload. **Recommendations** For eyoucms version 1.6.3, consider disabling the Column management module until a patch is available to prevent exploitation.

**Name of the Vulnerable Software and Affected Versions** eyoucms version 1.6.3 **Description** A stored cross-site scripting issue in the Basic Information module allows attackers to execute arbitrary web scripts or HTML via a crafted payload. **Recommendations** For eyoucms version 1.6.3, update to a version that includes a fix for this issue, as no specific mitigation measures are provided for this version.

**Name of the Vulnerable Software and Affected Versions** eyoucms version 1.6.3 **Description** A stored cross-site scripting issue in the Basic Website Information module allows attackers to execute arbitrary web scripts or HTML via a crafted payload. **Recommendations** For eyoucms version 1.6.3, update to a version that includes a fix for this issue, as no specific workaround is provided for this version.