CVE-2017-14761

Name of the Vulnerable Software and Affected Versions GeniXCMS version 1.1.4

Description The issue is related to a Cross-Site Scripting (XSS) vulnerability. It affects the /inc/lib/backend/menus.control.php endpoint, specifically through the id parameter. This allows for potential XSS attacks.

Recommendations For GeniXCMS version 1.1.4, consider restricting access to the /inc/lib/backend/menus.control.php endpoint or avoid using the id parameter until a fix is available. As a temporary workaround, disabling the vulnerable functionality related to this endpoint may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.