CVE-2022-40373

Name of the Vulnerable Software and Affected Versions FeehiCMS version 2.1.1

Description A Cross Site Scripting (XSS) issue allows remote attackers to run arbitrary code via the upload of a crafted XML file. This enables attackers to execute malicious scripts on the victim's browser, potentially leading to unauthorized actions.

Recommendations For FeehiCMS version 2.1.1, as a temporary workaround, consider restricting the upload of XML files or validating all uploaded files to prevent malicious content. At the moment, there is no information about a newer version that contains a fix for this vulnerability.