A critical stored XSS vulnerability in CI4MS blog categories allows attackers to compromise both site visitors and administrative users through malicious script injection.

The application fails to sanitize input when creating or editing blog categories. An attacker can inject a payload into the category title, which is then rendered without encoding on public blog pages and administrative views, facilitating a Stored XSS attack.

This vulnerability poses a dual threat: it can be used to hijack administrative sessions or to attack site visitors via drive-by downloads or credential harvesting. The CVSS score of 9.9 highlights the extreme risk of widespread session hijacking and site-wide compromise.

Immediate Action: Upgrade CI4MS to version 0.31.0.0 to implement necessary output encoding and input sanitization.

Proactive Monitoring: Scan the database for existing blog category titles containing <script> tags or other HTML event handlers.

Compensating Controls: Implement a robust Content Security Policy (CSP) and ensure all administrative actions require multi-factor authentication (MFA) to limit the impact of session hijacking.

Public Exploit Available: false

Due to the high CVSS score and the public-facing nature of the vulnerability, immediate patching is the only viable solution. Organizations must update to version 0.31.0.0 to protect their users and their administrative integrity.