CVE-2026-34563

Name of the Vulnerable Software and Affected Versions: CI4MS versions prior to 0.31.0.0

Description: The application does not properly sanitize user-controlled input when handling backup uploads and processing backup metadata. An attacker can inject a malicious JavaScript payload into the backup filename via the uploaded xss.sql file, which uses SQL functionality to insert the XSS payload server-side. This stored payload is later rendered unsafely in multiple backup management views without proper output encoding, leading to stored blind cross-site scripting (Blind XSS). Affected API endpoints include /backend/backup/upload, /backend/backup/, and /backup/{id}. The vulnerable parameter is the backup filename.

Recommendations: Update to version 0.31.0.0 or later.