CVE-2023-43344

Name of the Vulnerable Software and Affected Versions opensolution Quick CMS version 6.7

Description A cross-site scripting (XSS) issue allows a local attacker to execute arbitrary code via a crafted script to the SEO - Meta description parameter in the Pages Menu component. This enables the attacker to perform actions on the website that they would not normally be able to do.

Recommendations For opensolution Quick CMS version 6.7, as a temporary workaround, consider restricting access to the SEO - Meta description parameter in the Pages Menu component until a patch is available. Avoid using the SEO - Meta description parameter in the affected component until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.