46 matches found
EUVD-2025-209787
A Stored Cross-Site Scripting XSS vulnerability was discovered in the File Management module of FluentCMS 1.2.3. The flaw allows an authenticated administrator to upload crafted SVG files containing malicious JavaScript code. Once uploaded, the script executes in the browser of any user who...
CVE-2025-70842
A Stored Cross-Site Scripting XSS vulnerability was discovered in the File Management module of FluentCMS 1.2.3. The flaw allows an authenticated administrator to upload crafted SVG files containing malicious JavaScript code. Once uploaded, the script executes in the browser of any user who...
CVE-2025-70842
FluentCMS 1.2.3 is affected in its File Management module by a Stored XSS vulnerability. An authenticated administrator can upload crafted SVG files containing malicious JavaScript, and the injected script executes in the browser of any user who accesses the direct URL to the image, including una...
CVE-2025-70842
A Stored Cross-Site Scripting XSS vulnerability was discovered in the File Management module of FluentCMS 1.2.3. The flaw allows an authenticated administrator to upload crafted SVG files containing malicious JavaScript code. Once uploaded, the script executes in the browser of any user who...
CVE-2025-70842
A Stored Cross-Site Scripting XSS vulnerability was discovered in the File Management module of FluentCMS 1.2.3. The flaw allows an authenticated administrator to upload crafted SVG files containing malicious JavaScript code. Once uploaded, the script executes in the browser of any user who...
FluentCMS 跨站脚本漏洞
FluentCMS is an open-source content management system developed by FluentCMS. Version 1.2.3 of FluentCMS has a cross-site scripting vulnerability. This vulnerability stems from a storage-based cross-site script in the file management module. It allows authenticated administrators to upload...
PT-2026-40033
A Stored Cross-Site Scripting XSS vulnerability was discovered in the File Management module of FluentCMS 1.2.3. The flaw allows an authenticated administrator to upload crafted SVG files containing malicious JavaScript code. Once uploaded, the script executes in the browser of any user who...
CVE-2025-70842
A Stored Cross-Site Scripting XSS vulnerability was discovered in the File Management module of FluentCMS 1.2.3. The flaw allows an authenticated administrator to upload crafted SVG files containing malicious JavaScript code. Once uploaded, the script executes in the browser of any user who...
CVE-2026-38947
FluentCMS 1.2.3 is vulnerable to Cross Site Scripting XSS in TextHTML plugin...
FluentCMS TextHTML Plugin Cross-Site Scripting Vulnerability
FluentCMS is a .NET-based content management system CMS that is primarily used to quickly build websites and manage web content. A cross-site scripting vulnerability exists in the FluentCMS TextHTML plugin. The vulnerability stems from insufficient validation of user input and failure to properly...
EUVD-2026-27474
FluentCMS 1.2.3 is vulnerable to Cross Site Scripting XSS in TextHTML plugin...
CVE-2026-38947
FluentCMS 1.2.3 is vulnerable to Cross Site Scripting XSS in TextHTML plugin...
CVE-2026-38947
CVE-2026-38947 affects FluentCMS 1.2.3, with the XSS in the TextHTML plugin. The CVSS 3.1 base score is 6.1 (Medium); vectors: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N. The vulnerability is described as a Cross Site Scripting flaw in the TextHTML plugin, enabling script injection in pages viewed by us...
CVE-2026-38947
FluentCMS 1.2.3 is vulnerable to Cross Site Scripting XSS in TextHTML plugin...
CVE-2026-38947
FluentCMS 1.2.3 is vulnerable to Cross Site Scripting XSS in TextHTML plugin...
PT-2026-37233
Name of the Vulnerable Software and Affected Versions FluentCMS version 1.2.3 Description Cross Site Scripting XSS exists in the TextHTML plugin. XSS is a flaw that allows an attacker to inject malicious scripts into web pages viewed by other users. Recommendations At the moment, there is no...
FluentCMS 安全漏洞
FluentCMS is a .NET-based content management system CMS that is primarily used to quickly build websites and manage web content. A cross-site scripting vulnerability exists in the FluentCMS TextHTML plugin. The vulnerability stems from insufficient validation of user input and failure to properly...
CVE-2026-38947
FluentCMS 1.2.3 is vulnerable to Cross Site Scripting XSS in TextHTML plugin...
CVE-2025-15549
FluentCMS 2026 contains a stored cross-site scripting vulnerability that allows authenticated administrators to upload SVG files with embedded JavaScript via the File Management module. Attackers can upload malicious SVG files that execute JavaScript in the browser of any user accessing the...
CVE-2025-15549
FluentCMS 2026 contains a stored cross-site scripting vulnerability that allows authenticated administrators to upload SVG files with embedded JavaScript via the File Management module. Attackers can upload malicious SVG files that execute JavaScript in the browser of any user accessing the...