Security Advisories - PKSA-5wvv-b5q1-7q3y - Packagist.org

PKSA-5wvv-b5q1-7q3y Security Advisory

[MEDIUM] CI4MS: System Settings (Company Information) Full Platform Compromise & Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

PKSA-5wvv-b5q1-7q3y CVE-2026-34562 GHSA-v897-c6vq-6cr3

Affected package: ci4-cms-erp/ci4ms

Affected version: <=0.28.6.0

Reported by:
GitHub