CVE-2023-48986 Information

Description

Cross Site Scripting (XSS) vulnerability in CU Solutions Group (CUSG) Content Management System (CMS) before v.7.75 allows a remote attacker to execute arbitrary code escalate privileges and obtain sensitive information via a crafted script to the users.php component.

Reference

https://www.lmgsecurity.com/news/critical-software-vulnerabilities-impacting-credit-unions-discovered-by-lmg-security-researcher-immediate-action-recommended/