CVE-2023-48824

Name of the Vulnerable Software and Affected Versions BoidCMS version 2.0.1

Description The issue is related to Multiple Stored Cross-Site Scripting (XSS) problems. These issues can be triggered via the title, subtitle, footer, or keywords parameter in a "page=create" action.

Recommendations For BoidCMS version 2.0.1, as a temporary workaround, consider restricting the use of the title, subtitle, footer, and keywords parameters in the "page=create" action until a patch is available. Avoid using these parameters in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.