CVE-2022-37059

Name of the Vulnerable Software and Affected Versions Subrion CMS version 4.2.1

Description The issue allows an attacker to inject arbitrary code via the Login Field in the Admin Panel, potentially leading to Cross Site Scripting (XSS) attacks. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations For Subrion CMS version 4.2.1, consider disabling the Login Field in the Admin Panel as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.