CVE-2026-34562 | ci4-cms-erp ci4ms 0.28.5.0 Setting cross site scripting (GHSA-v897-c6vq-6cr3)

A vulnerability was found in ci4-cms-erp ci4ms 0.28.5.0. It has been classified as problematic. This affects an unknown part of the component Setting Handler. Performing a manipulation results in cross site scripting.

This vulnerability is reported as CVE-2026-34562. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More