CVE-2010-0675

Name of the Vulnerable Software and Affected Versions BGS CMS version 2.2.1

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the search parameter in a search action. This could potentially lead to unauthorized actions on the affected system.

Recommendations For BGS CMS version 2.2.1, consider restricting access to the search functionality until a patch is available, and avoid using the search parameter in the affected API endpoint. At the moment, there is no information about a newer version that contains a fix for this vulnerability.