CVE-2026-34565 - CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready,…
CVE-2026-34565 CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when adding Posts to navigation menus through th
Release v0.31.0.0 - Major Security & Framework Update (CI 4.7.1 & Shield Integration) · ci4-cms-erp/ci4ms
github.com
What This Means For You
- New vulnerability disclosed - verify if your stack is exposed.
Related ATT&CK Techniques
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-34565 | XSS | CI4MS prior to 0.31.0.0, Menu Management functionality, failure to sanitize user-controlled input when adding Posts to navigation menus, stored DOM-based XSS due to unsafely rendered values in administrative dashboards and public-facing navigation menus. |
Source & Attribution
| Field | Value |
|---|---|
| Source Platform | Telegram |
| Channel | CVE Notify |
| Channel ID | 1129491012 |
| Message ID | 158176 |
| Published | April 06, 2026 at 19:57 UTC |
| Original Link | https://github.com/ci4-cms-erp/ci4ms/releases/tag/0.31.0.0 |
This content was curated and summarized by Shimi's Cyber World for informational purposes. It is not copied or republished in full. All intellectual property rights remain with the original author and source.