Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/06/19 11:23 a.m.10 views

CVE-2025-6050

Mezzanine CMS, in versions prior to 6.1.1, contains a Stored Cross-Site Scripting XSS vulnerability in the admin interface. The vulnerability exists in the "displayablelinksjs" function, which fails to properly sanitize blog post titles before including them in JSON responses served via...

4.8CVSS5.7AI score0.00263EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2025/06/17 12:31 p.m.3 views

cartridge (>=1.0.0b1 <=1.3.1), cartridge-braintree (>=1.2.1 <=1.2.2) +4 more potentially affected by CVE-2025-6050 via mezzanine (>=3.1.10 <=6.0.0)

mezzanine PYPI version =3.1.10, =1.0.0b1, =1.2.1, =0.0.1, =0.1.0a1, =0.1.0b1, =0.4.1, =0.4.4 Source cves: CVE-2025-6050 Source advisory: OSV:GHSA-7PR5-W74R-JJJ7...

4.8CVSS5.8AI score0.00263EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/06/17 11:42 a.m.2 views

mezzanine-api (>=0.1.0a1 <=0.7.1) potentially affected by CVE-2025-6050 via mezzanine (=6.0.0)

mezzanine PYPI version =6.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on mezzanine and may be impacted: - mezzanine-api =0.1.0a1, =0.7.1 Source cves: CVE-2025-6050 Source advisory: SNYK:PYTHON-MEZZANINE-10379730...

4.8CVSS5.8AI score0.00263EPSS
Exploits1
Circl
Circl
added 2025/06/17 11:38 a.m.13 views

CVE-2025-6050

creationtimestamp| type| source ---|---|--- 2025-06-17 11:38:27+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18580 2025-06-17 15:28:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lrssoskvg62r...

4.8CVSS4.8AI score0.00263EPSS
Exploits1References2
OSV
OSV
added 2025/06/17 11:6 a.m.8 views

CVE-2025-6050 Stored Cross-Site Scripting (XSS) in Mezzanine CMS Admin Interface

Mezzanine CMS, in versions prior to 6.1.1, contains a Stored Cross-Site Scripting XSS vulnerability in the admin interface. The vulnerability exists in the "displayablelinksjs" function, which fails to properly sanitize blog post titles before including them in JSON responses served via...

4.8CVSS6AI score0.00263EPSS
Exploits1References7
Cvelist
Cvelist
added 2025/06/17 11:6 a.m.17 views

CVE-2025-6050 Stored Cross-Site Scripting (XSS) in Mezzanine CMS Admin Interface

Mezzanine CMS, in versions prior to 6.1.1, contains a Stored Cross-Site Scripting XSS vulnerability in the admin interface. The vulnerability exists in the "displayablelinksjs" function, which fails to properly sanitize blog post titles before including them in JSON responses served via...

4.8CVSS0.00263EPSS
Exploits1References3
CVE
CVE
added 2025/06/17 11:6 a.m.37 views

CVE-2025-6050

CVE-2025-6050 affects Mezzanine CMS versions before 6.1.1. The vulnerability is a Stored XSS in the admin interface caused by improper sanitization in the displayable_links_js path, where a blog post title containing malicious JavaScript is included in JSON responses served at /admin/displayable_...

4.8CVSS5.2AI score0.00263EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder