PT-2022-25160 · Feehicms · Feehicms

Curta1N-7 · Published 2022-12-15 · Updated 2022-12-19 · CVE-2022-40001

CVSS v3.1: 5.4 (Medium)

Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

FeehiCMS version 2.1.1

Description

The issue allows remote attackers to run arbitrary code via the title field of the create article page. This is a Cross-Site Scripting (XSS) issue: an attacker can inject malicious scripts into the website, which then run in the browser of a user who views the affected page, potentially leading to unauthorized access or control.

Recommendations

For FeehiCMS version 2.1.1, as a temporary workaround, consider restricting access to the create article page or sanitizing the title field input to prevent code injection. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

XSS

Weakness Enumeration

Related Identifiers

CVE-2022-40001
GHSA-GQGQ-784Q-V9XP

Affected Products

Feehicms