CVE-2023-35859

Name of the Vulnerable Software and Affected Versions Modern Campus - Omni CMS version 2023.1

Description A Reflected Cross-Site Scripting (XSS) issue in the blog function allows a remote attacker to inject arbitrary scripts or HTML via multiple parameters.

Recommendations For Modern Campus - Omni CMS version 2023.1, consider restricting access to the blog function until a patch is available. As a temporary workaround, avoid using the vulnerable parameters in the blog function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.