PT-2017-13312 · Genixcms · Genixcms

Published: 2017-09-10 · Updated: 2022-05-17 · CVE-2017-14231

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions
GeniXCMS versions prior to 1.1.0

Description
The issue allows remote attackers to cause a denial of service, specifically account blockage, by exploiting the mishandling of certain username substring relationships. This is related to files such as register.php, User.class.php, and Type.class.php.

Recommendations
For versions prior to 1.1.0, update to version 1.1.0 or later to resolve the issue. As a temporary workaround, consider restricting the registration of usernames that could be leveraged to cause a denial of service, such as those containing specific substrings that could be mishandled by the system.


Weakness Enumeration

Related Identifiers

CVE-2017-14231
GHSA-2M9R-PM7Q-WR6F

Affected Products

Genixcms