CVE-2025-60454

A stored Cross-Site Scripting XSS vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability exists in the image management module, specifically in the app\system\img\admin\imgadmin.class.php component. The vulnerability allows attackers to upload malicious SVG files containi...

MetInfo CMS 安全漏洞

MetInfo CMS is a content management system from China's Mito MetInfo. A security vulnerability exists in MetInfo CMS version 8.0, which stems from an unvalidated SVG file input in the Image Management module and could lead to a stored cross-site scripting attack...

PT-2025-40523

Name of the Vulnerable Software and Affected Versions MetInfo CMS version 8.0 Description A stored Cross-Site Scripting XSS issue exists in the image management module of the software. The vulnerability is located in the appsystemimgadminimg admin.class.php component. Attackers can upload malicio...