Lucene search
K

7 matches found

Snyk
Snyk
added 2025/08/01 6:31 p.m.2 views

Cross-site Scripting (XSS)

Overview microweber/microweber is a new generation CMS with drag and drop. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the homepage endpoint via the last name field. An attacker can execute arbitrary JavaScript code in the context of a user's browser by...

7.6CVSS5.5AI score0.0049EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2025/08/01 6:31 p.m.10 views

Microweber XSS Vulnerability in the homepage Endpoint

Microweber CMS 2.0 is vulnerable to Cross Site Scripting XSS in the /projects/profile, homepage endpoint via the last name field...

7.6CVSS6.2AI score0.0049EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2025/08/01 5:15 p.m.4 views

CVE-2025-51504

Microweber CMS 2.0 is vulnerable to Cross Site Scripting XSSin the /projects/profile, homepage endpoint via the last name field...

7.6CVSS0.0049EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/08/01 12:0 a.m.3 views

Microweber CMS 安全漏洞

Microweber CMS is a drag-and-drop website builder from Microweber Open Source. A security vulnerability exists in Microweber CMS version 2.0, which stems from cross-site scripting in the last name field in the /projects/profile and homepage endpoints...

7.6CVSS6AI score0.0049EPSS
Exploits1References4
OSV
OSV
added 2025/08/01 12:0 a.m.6 views

CVE-2025-51504

Microweber CMS 2.0 is vulnerable to Cross Site Scripting XSSin the /projects/profile, homepage endpoint via the last name field...

7.6CVSS6.6AI score0.0049EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/08/01 12:0 a.m.10 views

PT-2025-31652 · Unknown · Microweber Cms

Name of the Vulnerable Software and Affected Versions: Microweber CMS version 2.0 Description: Microweber CMS 2.0 is vulnerable to Cross Site Scripting XSS in the /projects/profile and homepage endpoint via the last name field. Recommendations: For Microweber CMS version 2.0, sanitize or encode t...

7.6CVSS5.8AI score0.0049EPSS
Exploits1References11
Vulnrichment
Vulnrichment
added 2025/08/01 12:0 a.m.2 views

CVE-2025-51504

Microweber CMS 2.0 is vulnerable to Cross Site Scripting XSSin the /projects/profile, homepage endpoint via the last name field...

6.7AI score0.0049EPSS
Exploits1References3
Rows per page
Query Builder