Security Advisories - PKSA-rqgq-p6xv-4qz8 - Packagist.org

PKSA-rqgq-p6xv-4qz8 Security Advisory

[CRITICAL] CI4MS: Permissions Management Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

PKSA-rqgq-p6xv-4qz8 CVE-2026-34557 GHSA-rpjr-985c-qhvm

Affected package: ci4-cms-erp/ci4ms

Affected version: <=0.28.6.0

Reported by:
GitHub