Shumerez

**Name of the Vulnerable Software and Affected Versions** Armex ABO.CMS version 5.9 **Description** A Cross-site scripting (XSS) vulnerability in the login page php code allows remote attackers to inject arbitrary web script or HTML via the "login.php?" URL part. This issue enables attackers to execute malicious scripts on the client-side, potentially leading to unauthorized access or data theft. **Recommendations** For Armex ABO.CMS version 5.9, as a temporary workaround, consider restricting access to the login page until a patch is available. Avoid using the vulnerable login page until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.