[CRITICAL] CI4MS: Menu Management (Posts) Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

PKSA-xz64-59cc-54j6 CVE-2026-34565 GHSA-xgh5-w62m-8mpr

Affected package: ci4-cms-erp/ci4ms

Affected version: <=0.28.6.0

Reported by:
GitHub