CVE-2026-34559 | ci4-cms-erp ci4ms 0.28.5.0 tag name cross site scripting (GHSA-4333-387x-w245)

A vulnerability, which was classified as problematic, has been found in ci4-cms-erp ci4ms 0.28.5.0. Affected by this issue is some unknown functionality. This manipulation of the argument tag name causes cross site scripting.

This vulnerability is tracked as CVE-2026-34559. The attack is possible to be carried out remotely. No exploit exists.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More