CVE-2026-34561 | ci4-cms-erp ci4ms 0.28.5.0 Setting cross site scripting (GHSA-gcfj-cf7j-vwgj)

A vulnerability has been found in ci4-cms-erp ci4ms 0.28.5.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Setting Handler. This manipulation causes cross site scripting.

This vulnerability is registered as CVE-2026-34561. Remote exploitation of the attack is possible. No exploit is available.

The affected component should be upgraded.VulDB Recent EntriesRead More