CVE-2024-7657

Name of the Vulnerable Software and Affected Versions Gila CMS version 1.10.9

Description A problematic issue was found in Gila CMS, affecting an unknown part of the file /cm/update rows/page?id=2 within the HTTP POST Request Handler component. The manipulation of the content argument leads to cross-site scripting. This issue can be initiated remotely.

Recommendations For Gila CMS version 1.10.9, patch immediately and validate user input to mitigate the risk of malicious script execution. As a temporary workaround, consider restricting access to the /cm/update rows/page?id=2 endpoint until a patch is available.