PT-2017-13676 · Genix · Genixcms

Published: 2017-09-27 · Updated: 2022-05-17 · CVE-2017-14762

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

GeniXCMS version 1.1.4

Description

The issue is a Cross-Site Scripting (XSS) vulnerability. Specifically, the /inc/lib/Control/Backend/menus.control.php endpoint is vulnerable to XSS via the id parameter. An attacker could potentially inject malicious scripts into the website, affecting users who interact with the vulnerable page.

Recommendations

For GeniXCMS version 1.1.4, as a temporary workaround, consider restricting access to the /inc/lib/Control/Backend/menus.control.php endpoint or avoid using the id parameter in this context until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

XSS

Weakness Enumeration

Related Identifiers

CVE-2017-14762
GHSA-JGC6-JR94-H442

Affected Products

Genixcms