CVE-2024-27734
CSZ CMS v1.3.0 is affected by a Cross-Site Scripting (XSS) in the Site Settings → Site Name field. The root cause is insufficient filtering/escaping of user-supplied data, enabling an attacker to inject script and potentially execute arbitrary code. CVSS v3.1 base score 6.1 (Medium) with network ...