CVE-2017-14740

Name of the Vulnerable Software and Affected Versions: GeniXCMS version 1.1.0

Description: A cross-site scripting (XSS) issue allows remote authenticated users to inject arbitrary web script or HTML via the Menu ID when adding a menu. This could potentially lead to unauthorized actions on the affected system.

Recommendations: For GeniXCMS version 1.1.0, consider disabling the menu addition feature until a patch is available to prevent exploitation of the XSS vulnerability. Restrict access to the menu management module to minimize the risk of unauthorized script injection. Avoid using the Menu ID parameter when adding a menu until the issue is resolved.