CVE-2026-24351
PluXml CMS is affected by CVE-2026-24351 (Stored XSS in Static Pages editing). An attacker with editing privileges can inject arbitrary HTML/JS that is rendered when visiting the edited page. Vulnerable confirmed in versions 5.8.21 and 5.9.0-rc7; other versions were not tested and might also be v...