CVE-2022-43320

Name of the Vulnerable Software and Affected Versions FeehiCMS version 2.1.1

Description A reflected cross-site scripting (XSS) issue was found in FeehiCMS. The vulnerability occurs via the id parameter at the "/web/admin/index.php?r=log%2Fview-layer" endpoint. This allows for potential XSS attacks.

Recommendations For FeehiCMS version 2.1.1, consider disabling access to the "/web/admin/index.php?r=log%2Fview-layer" endpoint until a patch is available. Avoid using the id parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.