CVE-2026-34563 | ci4-cms-erp ci4ms 0.28.5.0 cross site scripting (GHSA-85m8-g393-jcxf)

April 2, 2026 Yanac

A vulnerability categorized as problematic has been discovered in ci4-cms-erp ci4ms 0.28.5.0. Impacted is an unknown function. The manipulation results in cross site scripting.

This vulnerability is known as CVE-2026-34563. It is possible to launch the attack remotely. No exploit is available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More

CVE-2026-34564 | ci4-cms-erp ci4ms up to 0.31.0.0 Pages Section cross site scripting (GHSA-g4pp-fhgf-8653)
CVE-2026-34530 | filebrowser File Browser up to 2.62.1 Branding cross site scripting (GHSA-xfqj-3vmx-63wv)