Stored XSS in CI4MS blog tag management

Successful exploitation allows an attacker to execute arbitrary JavaScript in the browser context of users who view affected tag pages or administrative interfaces. Because the payload is stored server-side and rendered persistently, it can affect multiple subsequent visitors, including administrators. Impact can include session theft, unauthorized actions performed in the victim's session, defacement of rendered content, access to sensitive data exposed to the browser, and compromise of administrative workflows. The provided CVSS context indicates scope change and potentially high confidentiality impact.

If immediate upgrade is not possible, restrict access to blog tag creation and editing to trusted users only, audit and sanitize existing tag records, and implement output encoding for tag names in all templates and administrative views. Additional defensive measures such as a strong Content Security Policy may reduce exploitability or impact, but they do not replace patching the vulnerable application logic.

Upgrade CI4MS to version 0.31.0.0 or later, where the issue has been patched. Ensure that tag name handling applies strict server-side validation and context-appropriate output encoding anywhere tag values are rendered, including public-facing pages and administrative panels. Review existing stored tag data for malicious payloads and remove or normalize any previously injected content.