Cross Site Scripting vulnerability in BigTree CMS v.4.5.7 allows a remote attacker to execute arbitrary code via the ID parameter in the Developer Settings functions.Referenceshttps://www.bigtreecms.org/download/core/https://github.com/Ciber-Mike/BigTree_CMS-Stored_XSS-Developer_Settings/blob/main/README.md