Skdft

**Name of the Vulnerable Software and Affected Versions** LightCMS version 1.3.11 **Description** A stored cross-site scripting (XSS) issue allows attackers to execute arbitrary web scripts or HTML by uploading a crafted PDF file. **Recommendations** For version 1.3.11, consider disabling the file upload feature, specifically for PDF files, until a patch is available to prevent exploitation of this issue.