[MEDIUM] CI4MS: Stored XSS in Blog Content via Broken `html_purify` Validation Rule

PKSA-7xbg-9dns-gxm5 CVE-2026-45138 GHSA-2m69-jmvh-6chr

Affected package: ci4-cms-erp/ci4ms

Affected version: <=0.31.8.0

Reported by:
GitHub