ZMS CMS version 3.2 suffers from multiple client-side cross site scripting vulnerabilities.