PT-2023-29019 · E017 Cms · E017 Cms

Romanhu · Published 2023-09-28 · Updated 2024-09-23 · CVE-2023-43874

CVSS v3.1: 5.4 (Medium)

Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

e017 CMS version 2.3.2

Description

A Cross Site Scripting (XSS) issue allows a local attacker to execute arbitrary code via a crafted script to the Copyright and Author fields in the Meta & Custom Tags Menu. This enables the attacker to perform actions on the web application that are not intended by the developer, potentially leading to security breaches.

Recommendations

For e017 CMS version 2.3.2, as a temporary workaround, consider restricting access to the Meta & Custom Tags Menu to minimize the risk of exploitation. Avoid using the Copyright and Author fields until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

XSS

Weakness Enumeration

Related Identifiers

CVE-2023-43874

Affected Products

E017 Cms