CVE-2021-27679

Name of the Vulnerable Software and Affected Versions: Batflat CMS version 1.3.6

Description: The issue allows remote attackers to inject arbitrary web script or HTML via the field name variable, potentially leading to cross-site scripting (XSS) attacks. This could enable attackers to execute malicious scripts on the victim's browser.

Recommendations: For Batflat CMS version 1.3.6, update to a version that fixes this issue, as using the current version may pose a security risk due to the possibility of XSS attacks via the field name variable. At the moment, there is no information about a newer version that contains a fix for this vulnerability.