Wind226

Name of the Vulnerable Software and Affected Versions: PublicCMS versions 4.0 Description: The issue is related to a Cross Site Scripting (XSS) vulnerability. This vulnerability can be exploited to obtain an admin cookie when the Administrator reviews a submitted case. Recommendations: For PublicCMS version 4.0, update to a newer version that contains a fix for this issue to prevent exploitation.

Name of the Vulnerable Software and Affected Versions: PbootCMS version 2.0.3 Description: The issue is a Cross Site Scripting (XSS) vulnerability. It affects the admin.php file. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. Recommendations: For PbootCMS version 2.0.3, consider disabling access to the admin.php file until a patch is available. Restrict input validation in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.