CVE-2023-1616

Name of the Vulnerable Software and Affected Versions TeaCMS versions up to 2.0.2

Description A problematic issue was found in TeaCMS, affecting an unknown function of the Article Title Handler component. This issue allows for cross site scripting when an attacker manipulates the input with malicious code, such as <script>alert(document.cookie)</script>. The attack can be launched remotely.

Recommendations For TeaCMS versions up to 2.0.2, consider restricting the input to prevent cross site scripting attacks until a patch is available. As a temporary workaround, restrict access to the Article Title Handler component to minimize the risk of exploitation.