CI4MS CMS Vulnerable to Stored XSS via Menu Management


CVE Notify is flagging a critical stored DOM-based cross-site scripting (XSS) vulnerability affecting CI4MS versions prior to 0.31.0.0. The issue stems from improper sanitization of user-controlled input in the Menu Management functionality. Specifically, when Pages are added to navigation menus, the page data is stored on the server and later rendered without adequate output encoding. A malicious payload injected this way can therefore execute both in administrative interfaces and in public-facing navigation elements.

This means an attacker could potentially inject scripts that execute in the context of other users, including administrators. CVE Notify highlights that this vulnerability is particularly concerning because the stored payload can surface in multiple locations, increasing the attack surface. The good news is that this has been addressed in version 0.31.0.0, so patching is the clear path forward.

What This Means For You

  • Given this vulnerability allows for stored XSS via menu manipulation, ensure that all CI4MS instances are updated to version 0.31.0.0 or later. If immediate patching isn't feasible, implement strict input validation and output encoding on any user-submitted content used in navigation menus.
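As an added example (not CI4MS code), the following JavaScript contrasts the rendering pattern the advisory describes, where stored page titles and URLs are interpolated straight into navigation markup, with a hardened version that encodes every text and attribute sink and restricts the href scheme. It is written in JavaScript because the advisory classifies the flaw as DOM-based, i.e. the stored data is rendered client-side. The `{title, url}` entry shape, the helper names, and the sample menu data are assumptions constructed for this example. The audit helper at the end is a defender-side check for reviewing menu entries that were stored before the upgrade.

```javascript
// Added example (not CI4MS code): context-aware output encoding for
// navigation menu entries built from stored, user-controlled page data.
// The {title, url} entry shape and the helper names are assumptions.

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode a value for an HTML text node or a double-quoted attribute value.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Allow only http(s) absolute URLs or site-relative paths in href.
// Anything else (javascript:, data:, protocol-relative //host) becomes '#'.
function safeHref(url) {
  const u = String(url).trim();
  if (/^https?:\/\//i.test(u) || /^\/(?!\/)/.test(u)) return u;
  return '#';
}

// The pattern the advisory describes: stored title/url interpolated
// directly into markup with no encoding at either sink.
function renderMenuUnsafe(items) {
  const li = items.map((i) => `<li><a href="${i.url}">${i.title}</a></li>`);
  return `<ul class="nav">${li.join('')}</ul>`;
}

// Hardened: the text node and the attribute value are both encoded,
// and the href is scheme-checked before it is encoded.
function renderMenuSafe(items) {
  const li = items.map(
    (i) => `<li><a href="${escapeHtml(safeHref(i.url))}">${escapeHtml(i.title)}</a></li>`
  );
  return `<ul class="nav">${li.join('')}</ul>`;
}

// Audit helper for entries stored before patching: flags titles that
// contain angle brackets or URLs whose scheme the renderer would reject,
// so an operator can review them after upgrading.
function findSuspiciousEntries(items) {
  return items.filter((i) => /[<>]/.test(String(i.title)) || safeHref(i.url) === '#');
}

// Constructed sample data: the third entry models a stored XSS payload
// of the kind the encoder must neutralise.
const SAMPLE_MENU = [
  { title: 'Home', url: '/' },
  { title: 'Docs & Help', url: 'https://example.com/docs' },
  { title: '<img src=x onerror=alert(1)>', url: 'javascript:alert(1)' },
];

console.log(renderMenuSafe(SAMPLE_MENU));
console.log('entries to review:', findSuspiciousEntries(SAMPLE_MENU).map((i) => i.title));
```

The same `escapeHtml`/`safeHref` pair has to be applied at every place the stored entry is rendered, including the admin-side menu editor, since the advisory notes the payload surfaces in more than one location; encoding only the public navigation leaves the administrative sink open.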

Related ATT&CK Techniques

๐Ÿ›ก๏ธ Detection Rules

1 rule ยท 6 SIEM formats

1 detection rule mapped to MITRE ATT&CK. Free Sigma YAML below.

medium T1189 Initial Access

Drive-by Download via Browser โ€” CVE-2026-34564

Sigma YAML โ€” free preview

Source: Shimi's Cyber World ยท License & reuse

Indicators of Compromise

ID | Type | Indicator
CVE-2026-34564 | XSS | CI4MS prior to 0.31.0.0, Menu Management functionality: stored DOM-based XSS due to unsanitized user input in Page data stored server-side and rendered without proper output encoding.
CVE-2026-34564 | Misconfiguration | CI4MS prior to 0.31.0.0: failure to properly sanitize user-controlled input when adding Pages to navigation menus.
