9 matches found
Cross-site Scripting (XSS)
Piranha is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper sanitization of user-supplied content in Markdown blocks within the /manager/pages component, which allows an attacker to inject and execute arbitrary web scripts or HTML...
CVE-2025-61413
A stored cross-site scripting XSS vulnerability in the /manager/pages component of Piranha CMS v12.0 allows attackers to execute arbitrary web scripts or HTML via creating a page and injecting a crafted payload into the Markdown blocks...
Piranha CMS vulnerable to stored cross-site scripting (XSS)
A stored cross-site scripting XSS vulnerability in the /manager/pages component of Piranha CMS v12.0 allows attackers to execute arbitrary web scripts or HTML via creating a page and injecting a crafted payload into the Markdown blocks...
Cross-site Scripting (XSS)
Overview Piranha.Manager is a manager panel for Piranha CMS for AspNetCore. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the /manager/pages component when user-supplied input is injected into Markdown blocks. An attacker can execute arbitrary web scripts or HTML...
GHSA-3QCP-9V8C-6JP7 Piranha CMS vulnerable to stored cross-site scripting (XSS)
A stored cross-site scripting XSS vulnerability in the /manager/pages component of Piranha CMS v12.0 allows attackers to execute arbitrary web scripts or HTML via creating a page and injecting a crafted payload into the Markdown blocks...
CVE-2025-61413
A stored cross-site scripting XSS vulnerability in the /manager/pages component of Piranha CMS v12.0 allows attackers to execute arbitrary web scripts or HTML via creating a page and injecting a crafted payload into the Markdown blocks...
CVE-2025-61413
A stored cross-site scripting XSS vulnerability in the /manager/pages component of Piranha CMS v12.0 allows attackers to execute arbitrary web scripts or HTML via creating a page and injecting a crafted payload into the Markdown blocks...
CVE-2025-61413
A stored cross-site scripting XSS vulnerability in the /manager/pages component of Piranha CMS v12.0 allows attackers to execute arbitrary web scripts or HTML via creating a page and injecting a crafted payload into the Markdown blocks...
CVE-2025-61413
A stored cross-site scripting XSS vulnerability in the /manager/pages component of Piranha CMS v12.0 allows attackers to execute arbitrary web scripts or HTML via creating a page and injecting a crafted payload into the Markdown blocks...