7 matches found
Cross-site Scripting (XSS)
Overview microweber/microweber is a new generation CMS with drag and drop. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the homepage endpoint via the last name field. An attacker can execute arbitrary JavaScript code in the context of a user's browser by...
Microweber XSS Vulnerability in the homepage Endpoint
Microweber CMS 2.0 is vulnerable to Cross Site Scripting XSS in the /projects/profile, homepage endpoint via the last name field...
CVE-2025-51504
Microweber CMS 2.0 is vulnerable to Cross Site Scripting XSSin the /projects/profile, homepage endpoint via the last name field...
Microweber CMS 安全漏洞
Microweber CMS is a drag-and-drop website builder from Microweber Open Source. A security vulnerability exists in Microweber CMS version 2.0, which stems from cross-site scripting in the last name field in the /projects/profile and homepage endpoints...
CVE-2025-51504
Microweber CMS 2.0 is vulnerable to Cross Site Scripting XSSin the /projects/profile, homepage endpoint via the last name field...
PT-2025-31652 · Unknown · Microweber Cms
Name of the Vulnerable Software and Affected Versions: Microweber CMS version 2.0 Description: Microweber CMS 2.0 is vulnerable to Cross Site Scripting XSS in the /projects/profile and homepage endpoint via the last name field. Recommendations: For Microweber CMS version 2.0, sanitize or encode t...
CVE-2025-51504
Microweber CMS 2.0 is vulnerable to Cross Site Scripting XSSin the /projects/profile, homepage endpoint via the last name field...