Zhujieta0O

**Name of the Vulnerable Software and Affected Versions** FeehiCMS version 2.1.1 **Description** A reflected cross-site scripting (XSS) issue was found in FeehiCMS. The vulnerability occurs via the `id` parameter at the "/web/admin/index.php?r=log%2Fview-layer" endpoint. This allows for potential XSS attacks. **Recommendations** For FeehiCMS version 2.1.1, consider disabling access to the "/web/admin/index.php?r=log%2Fview-layer" endpoint until a patch is available. Avoid using the `id` parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.