Critical Stored DOM-Based XSS in CI4MS’s Methods Management allows attackers to execute malicious scripts across the administrative interface and global navigation.

The application fails to sanitize input when creating or managing application methods/pages. Attacker-controlled JavaScript payloads are stored server-side and later rendered directly into the DOM of administrative interfaces and global navigation components without proper output encoding.

Because the malicious payloads are rendered in global navigation components, this vulnerability has a wide impact across the entire administrative console. Attackers can perform unauthorized actions on behalf of administrators, leading to full site compromise. The CVSS score of 9.1 reflects the high risk of session hijacking and data manipulation.

Immediate Action: Update CI4MS to version 0.31.0.0 immediately to ensure all method-related inputs are properly sanitized and encoded before being rendered in the DOM.

Proactive Monitoring: Audit the "Methods Management" entries for suspicious script tags and monitor for unauthorized changes to site navigation or permissions.

Compensating Controls: Deploy a WAF to filter out common XSS payloads in POST requests and enforce a strict CSP to mitigate the impact of DOM-based script execution.

Public Exploit Available: No

Applying the 0.31.0.0 update is critical for maintaining the security of the CI4MS environment. Organizations should also perform a retrospective audit of their methods and pages to ensure no malicious payloads were introduced prior to patching.