CVE-2026-34566 | ci4-cms-erp ci4ms 0.28.5.0 cross site scripting (GHSA-458r-h248-29c5)

April 2, 2026 Yanac

A vulnerability labeled as problematic has been found in ci4-cms-erp ci4ms 0.28.5.0. The impacted element is an unknown function. Such manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2026-34566. The attack can be launched remotely. No exploit exists.

The affected component should be upgraded.VulDB Recent EntriesRead More

CVE-2026-34567 | ci4-cms-erp ci4ms 0.28.5.0 Categories Section cross site scripting (GHSA-r33w-c82v-x5v7)
CVE-2026-34564 | ci4-cms-erp ci4ms up to 0.31.0.0 Pages Section cross site scripting (GHSA-g4pp-fhgf-8653)