CVE-2026-41201
Arch · CI4MS
CI4MS contains a stored DOM-based XSS vulnerability in the backup module that can be leveraged for full account takeover.
Executive summary
A stored DOM-based XSS in the CI4MS backup module lets an attacker who can upload a backup file run JavaScript in an administrator's browser, which is sufficient for full account takeover and privilege escalation.
Vulnerability
An attacker uploads an SQL backup file whose filename carries a script payload. The filename is stored by the application and later inserted into the page by the backup module's client-side code without escaping, so the payload executes as arbitrary JavaScript in the session of any administrator whose browser renders it.
Business impact
Script running in an administrator's browser can perform any action that administrator can, so the issue amounts to account takeover and full control over the CMS. With a CVSS score of 9.1, this is a critical threat to the integrity and availability of the managed content and infrastructure.
Remediation
Immediate Action: Update CI4MS to version 0.31.5.0.
Proactive Monitoring: Monitor application and web-server logs for uploads to the backup module whose filenames contain HTML or script characters (<, >, quotes, =) or path separators, and for backup activity outside normal maintenance windows.
Compensating Controls: Validate uploaded filenames on the server side against a strict allowlist (for example letters, digits, dot, dash and underscore, with a required .sql extension) and reject rather than sanitize anything else; ensure the client-side code that displays filenames uses textContent or an escaping function rather than innerHTML. A Content Security Policy whose script-src does not allow 'unsafe-inline' prevents an injected inline event handler from running and limits the impact, but it does not fix the underlying bug and must not replace the update.
Exploitation status
Public Exploit Available: false
Analyst recommendation
Administrators must update to the patched version immediately. Because the payload is stored, patching alone does not remove entries already on disk: review the filenames of all existing backup files for HTML or script characters and remove or rename any that fail validation.
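The following is an added example, not CI4MS code, illustrating both the compensating controls above (server-side filename allowlist, escaping before the filename reaches an innerHTML sink) and the audit of already-stored backup names recommended here. Function names, the allowlist pattern and the sample filenames are assumptions constructed for illustration; the CI4MS backup module's actual code and storage layout are not shown on this page.

```javascript
// Added example (not CI4MS code). Names and sample data are constructed for illustration.

// Allowlist for backup filenames: must start with a letter or digit, may contain
// letters, digits, dot, dash and underscore, must end in .sql. No path separators,
// no HTML metacharacters, no "..". Anything else is rejected, not cleaned up.
const SAFE_BACKUP_NAME = /^[A-Za-z0-9][A-Za-z0-9._-]{0,127}\.sql$/;

function isSafeBackupFilename(name) {
  return typeof name === 'string' && !name.includes('..') && SAFE_BACKUP_NAME.test(name);
}

// Escape the five characters that matter when a string is interpolated into HTML.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
  })[c]);
}

// Vulnerable pattern: the stored filename is concatenated into markup that the
// browser later assigns to element.innerHTML. Any markup in the name becomes live DOM,
// so an onerror= handler in the filename runs as the viewing administrator.
function renderBackupRowUnsafe(name) {
  return `<tr><td class="backup-name">${name}</td></tr>`;
}

// Hardened pattern: escape before interpolating. In the browser the equivalent is
// td.textContent = name instead of building an HTML string for innerHTML.
function renderBackupRowSafe(name) {
  return `<tr><td class="backup-name">${escapeHtml(name)}</td></tr>`;
}

// Audit pass over backups that were stored before the patch: returns the names
// that fail the allowlist so they can be removed or renamed.
function auditBackupFilenames(names) {
  return names.filter((n) => !isSafeBackupFilename(n));
}

// Constructed sample data, not taken from a real CI4MS installation.
const storedBackups = [
  'site_backup_2024-03-01.sql',
  'db.sql',
  'x<img src=x onerror=alert(document.cookie)>.sql', // stored XSS payload in the name
  '../../etc/passwd.sql',                             // path traversal attempt
  'backup.sql.php',                                   // wrong extension
];

for (const n of storedBackups) {
  console.log(isSafeBackupFilename(n) ? 'ok  ' : 'BAD ', JSON.stringify(n));
}
console.log('unsafe render:', renderBackupRowUnsafe(storedBackups[2]));
console.log('safe render:  ', renderBackupRowSafe(storedBackups[2]));
console.log('audit hits:   ', auditBackupFilenames(storedBackups));
```

Run with node. The unsafe render shows the img tag intact, which is exactly what a browser would execute; the safe render shows it as inert text. Apply the allowlist at upload time on the server, keep the escaping (or textContent) on the client, and run the audit over the existing backup directory once after updating.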