CVE-2020-25391

Name of the Vulnerable Software and Affected Versions: CSZ CMS version 1.2.9

Description: A cross-site scripting issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the New Pages field under the Pages Content module.

Recommendations: For CSZ CMS version 1.2.9, consider restricting access to the Pages Content module to minimize the risk of exploitation. Avoid using the New Pages field until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.