[CRITICAL] CI4MS: Methods Management Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

PKSA-r2q1-2d2k-3p65 CVE-2026-34558 GHSA-v77r-xg3p-75g7

Affected package: ci4-cms-erp/ci4ms

Affected version: <=0.28.6.0

Reported by:
GitHub