CVE-2025-11019

🗓️ 26 Sep 2025 14:32:07Reported by VulDBType

Total.js CMS Files Menu remote cross site scripting vulnerability affecting versions up to 19.9.0.

Reporter	Title	Published	Views	Family All 8
CNNVD	Total.js CMS 代码注入漏洞	26 Sep 202500:00	–	cnnvd
Cvelist	CVE-2025-11019 Total.js CMS Files Menu cross site scripting	26 Sep 202514:32	–	cvelist
EUVD	EUVD-2025-31352	3 Oct 202520:07	–	euvd
NVD	CVE-2025-11019	26 Sep 202515:16	–	nvd
OSV	CVE-2025-11019	26 Sep 202515:16	–	osv
Positive Technologies	PT-2025-39646	26 Sep 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-11019	27 Sep 202514:50	–	redhatcve
Vulnrichment	CVE-2025-11019 Total.js CMS Files Menu cross site scripting	26 Sep 202514:32	–	vulnrichment

NVD

Vulners

Node

totaljs total.jsRange<19.9.0node.js

[
  {
    "vendor": "Total.js",
    "product": "CMS",
    "versions": [
      {
        "version": "19.0",
        "status": "affected"
      },
      {
        "version": "19.1",
        "status": "affected"
      },
      {
        "version": "19.2",
        "status": "affected"
      },
      {
        "version": "19.3",
        "status": "affected"
      },
      {
        "version": "19.4",
        "status": "affected"
      },
      {
        "version": "19.5",
        "status": "affected"
      },
      {
        "version": "19.6",
        "status": "affected"
      },
      {
        "version": "19.7",
        "status": "affected"
      },
      {
        "version": "19.8",
        "status": "affected"
      },
      {
        "version": "19.9.0",
        "status": "affected"
      }
    ],
    "modules": [
      "Files Menu"
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/

29 Apr 2026 01:00Current

3.2Low risk

Vulners AI Score3.2

CVSS 3.12.4 - 4.8

CVSS 23.3

CVSS 44.8

CVSS 32.4

EPSS0.0002

SSVC