EUVD-2026-18070
GHSA-4333-387x-w245
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L
Lifecycle Timeline
4Tags
Description
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when creating or editing blog tags. An attacker can inject a malicious JavaScript payload into the tag name field, which is then stored server-side. This stored payload is later rendered unsafely across public tag pages and administrative interfaces without proper output encoding, leading to stored cross-site scripting (XSS). This issue has been patched in version 0.31.0.0.
Analysis
Stored cross-site scripting in CI4MS blog tag management (versions prior to 0.31.0.0) allows authenticated attackers to inject malicious JavaScript through unsanitized tag name fields, achieving code execution in victim browsers with scope change (CVSS 9.1, S:C). The payload persists server-side and executes on public tag pages and administrative interfaces, enabling session hijacking, credential theft, and administrative account compromise. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify all CI4MS installations and document current versions in use; audit user accounts with tag creation privileges and disable unnecessary access. Within 7 days: Monitor vendor advisory channels and security bulletins for patch release; implement input validation rules at the application layer to sanitize tag name fields if available through configuration. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today