CVE-2023-44758

Name of the Vulnerable Software and Affected Versions GDidees CMS version 3.0

Description The issue is a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Page Title. This enables attackers to inject malicious scripts into the website, potentially leading to unauthorized access or control.

Recommendations For GDidees CMS version 3.0, as a temporary workaround, consider restricting access to the Page Title feature until a patch is available. Additionally, avoid using crafted payloads in the Page Title to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.