Ww

**Name of the Vulnerable Software and Affected Versions** CMS Made Simple versions 2.2.14 **Description** The issue allows stored XSS via the Extensions > File Picker. **Recommendations** For version 2.2.14, consider disabling the File Picker feature in the Extensions section until a patch is available. Restrict access to the File Picker module to minimize the risk of exploitation. Avoid using the File Picker functionality in the affected version until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.