CVE-2025-46041
Anchor CMS v0.12.7 is affected by CVE-2025-46041: a stored XSS in the page creation interface, exploitable via the description field on /admin/pages/add. An authenticated user (admin/editor) can inject arbitrary JavaScript which is stored and executed when the page is viewed. Affected component/l...