CVE-2022-3950

Name of the Vulnerable Software and Affected Versions sanluan PublicCMS (affected versions not specified)

Description A vulnerability was found in sanluan PublicCMS, affecting the function initLink of the file dwz.min.js of the component Tab Handler. The manipulation leads to cross-site scripting. It is possible to launch the attack remotely.

Recommendations To fix this issue, it is recommended to apply a patch with the name a972dc9b1c94aea2d84478bf26283904c21e4ca2. As a temporary workaround, consider disabling the initLink function until a patch is available. Restrict access to the dwz.min.js file to minimize the risk of exploitation.