Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

159 matches found

Snyk
Snykadded 2026/04/06 5:14 p.m.1 views

Cross-site Scripting (XSS)

Overview feehi/cms is a Feehi CMS project template. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Name parameter in the Category module. An attacker can execute arbitrary web scripts or HTML by injecting a crafted payload. Details Cross-site scripting or XSS...

6.9CVSS6AI score0.00031EPSS
Exploits1References2
Snyk
Snykadded 2026/04/06 5:14 p.m.2 views

Cross-site Scripting (XSS)

Overview feehi/cms is a Feehi CMS project template. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Group, Category, or Description parameters in the Permissions module. An attacker can execute arbitrary web scripts or HTML by injecting crafted payloads into...

6.9CVSS6AI score0.00029EPSS
Exploits1References2
Snyk
Snykadded 2026/04/06 5:14 p.m.2 views

Cross-site Scripting (XSS)

Overview feehi/cms is a Feehi CMS project template. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the Content field during the creation or editing process. An attacker can execute arbitrary web scripts or HTML in the context of other authenticated users by...

6.9CVSS6AI score0.00037EPSS
Exploits1References2
NVD
NVDadded 2026/04/06 4:16 p.m.1 views

CVE-2026-31354

Multiple authenticated stored cross-site scripting XSS vulnerabilities in the Permissions module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Group, Category or Description parameters...

5.4CVSS0.00029EPSS
Exploits1References2
NVD
NVDadded 2026/04/06 4:16 p.m.1 views

CVE-2026-31353

An authenticated stored cross-site scripting XSS vulnerability in the Category module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter...

5.4CVSS0.00031EPSS
Exploits1References2
NVD
NVDadded 2026/04/06 4:16 p.m.1 views

CVE-2026-31351

An authenticated stored cross-site scripting XSS vulnerability in the creation/editing module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Title parameter...

4.8CVSS0.00044EPSS
Exploits1References2
Snyk
Snykadded 2026/04/06 4:10 p.m.0 views

Cross-site Scripting (XSS)

Overview feehi/cms is a Feehi CMS project template. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the creation/editing process via the Title parameter. An attacker can execute arbitrary web scripts or HTML by injecting a crafted payload. Details Cross-site...

6.9CVSS6AI score0.00044EPSS
Exploits1References2
Cvelist
Cvelistadded 2026/04/06 12:0 a.m.21 views

CVE-2026-31352

An authenticated stored cross-site scripting XSS vulnerability in the Role Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Role Name parameter...

0.00037EPSS
Exploits1References2
CVE
CVEadded 2026/04/06 12:0 a.m.2 views

CVE-2026-31354

Feehi CMS v2.1.1 has multiple authenticated stored XSS in the Permissions module. The vulnerability arises from accepting crafted payloads in the Group, Category, or Description parameters, allowing execution of arbitrary web scripts/HTML by authenticated users who view affected content. The prov...

5.4CVSS6AI score0.00029EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2026/04/06 12:0 a.m.20 views

CVE-2026-31353

An authenticated stored cross-site scripting XSS vulnerability in the Category module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter...

0.00031EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2026/04/06 12:0 a.m.1 views

PT-2026-30653

An authenticated stored cross-site scripting XSS vulnerability in the Role Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Role Name parameter...

6AI score0.00037EPSS
Exploits1References3
Positive Technologies
Positive Technologiesadded 2026/04/06 12:0 a.m.1 views

PT-2026-30667

An authenticated stored cross-site scripting XSS vulnerability in the Category module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter...

6AI score0.00031EPSS
Exploits1References3
Cvelist
Cvelistadded 2026/04/06 12:0 a.m.24 views

CVE-2026-31354

Multiple authenticated stored cross-site scripting XSS vulnerabilities in the Permissions module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Group, Category or Description parameters...

0.00029EPSS
Exploits1References2
Cvelist
Cvelistadded 2026/04/06 12:0 a.m.12 views

CVE-2026-31313

An authenticated stored cross-site scripting XSS vulnerability in the creation/editing module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Content field...

0.00037EPSS
Exploits1References2
CVE
CVEadded 2026/04/06 12:0 a.m.1 views

CVE-2026-31350

Vulnerability summary (CVE-2026-31350): An authenticated stored cross-site scripting (XSS) flaw exists in Feehi CMS v2.1.1, exploitable by injecting a crafted payload into the Page Sign parameter. The issue allows an attacker with authenticated access to execute arbitrary web scripts/HTML in the ...

5.4CVSS6AI score0.00037EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologiesadded 2026/04/06 12:0 a.m.0 views

PT-2026-30674

An authenticated stored cross-site scripting XSS vulnerability in the creation/editing module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Content field...

6AI score0.00037EPSS
Exploits1References3
Cvelist
Cvelistadded 2026/04/06 12:0 a.m.21 views

CVE-2026-31350

An authenticated stored cross-site scripting XSS vulnerability in Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Page Sign parameter...

0.00037EPSS
Exploits1References2
CVE
CVEadded 2026/04/06 12:0 a.m.1 views

CVE-2026-31351

The CVE-2026-31351 entry describes an authenticated stored XSS vulnerability in Feehi CMS v2.1.1, exploitable via crafting payloads in the Title field during creation/editing. The issue is confirmed across multiple connected sources (RH Red Hat, EUVD ENISA, GHSA advisories, NVD/NVD-linked records...

4.8CVSS6AI score0.00044EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2026/04/06 12:0 a.m.20 views

CVE-2026-31351

An authenticated stored cross-site scripting XSS vulnerability in the creation/editing module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Title parameter...

0.00044EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2026/04/06 12:0 a.m.1 views

PT-2026-30651

An authenticated stored cross-site scripting XSS vulnerability in Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Page Sign parameter...

6AI score0.00037EPSS
Exploits1References3
Rows per page
Query Builder