CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Mezzanine CMS is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper input sanitization due to failure to filter user-supplied input in the /blog/blogpost/add component, allowing injection of malicious scripts into blog posts...

4.8CVSS6AI score0.00552EPSS

Exploits3References3Affected Software1

Packet Storm•added 2025/07/29 12:0 a.m.•88 views

📄 Mezzanine CMS 6.1.0 Cross Site Scripting

Mezzanine CMS version 6.10 suffers from a persistent cross site scripting vulnerability. Exploit Title: Mezzanine CMS 6.1.0 Stored Cross Site Scripting XSS via component /blog/blogpost/add Date: 23/07/2025 Exploit Author: Kevin Dicks Vendor Homepage: https://github.com/stephenmcd/mezzanine Softwa...

4.8CVSS6.6AI score0.00552EPSS

Exploits3

Exploit DB•added 2025/07/28 12:0 a.m.•313 views

Mezzanine CMS 6.1.0 - Stored Cross Site Scripting (XSS)

Exploit Title: Mezzanine CMS 6.1.0 Stored Cross Site Scripting XSS via component /blog/blogpost/add Date: 23/07/2025 Exploit Author: Kevin Dicks Vendor Homepage: https://github.com/stephenmcd/mezzanine Software Link: https://github.com/stephenmcd/mezzanine Version: 6.1.0 Category: Web Application...

4.8CVSS6.5AI score0.00552EPSS

Exploits3

RedhatCVE•added 2025/07/25 12:28 a.m.•4 views

CVE-2025-50481

A cross-site scripting XSS vulnerability in the component /blog/blogpost/add of Mezzanine CMS v6.1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into a blog post...

4.8CVSS6AI score0.00552EPSS

Exploits3References1

vulnersOsv•added 2025/07/23 6:30 p.m.•2 views

cartridge (>=1.0.0b1 <=1.3.1), cartridge-braintree (>=1.2.1 <=1.2.2) +4 more potentially affected by CVE-2025-50481 via mezzanine (>=3.1.10 <=6.0.0)

mezzanine PYPI version =3.1.10, =1.0.0b1, =1.2.1, =0.0.1, =0.1.0a1, =0.1.0b1, =0.4.1, =0.4.4 Source cves: CVE-2025-50481 Source advisory: OSV:GHSA-269J-37WW-CMH3...

4.8CVSS5.8AI score0.00552EPSS

Exploits3

OSV•added 2025/07/23 6:30 p.m.•4 views

GHSA-269J-37WW-CMH3 Mezzanine CMS vulnerable to Cross-site Scripting

4.8CVSS5.4AI score0.00552EPSS

Exploits3References4

Github Security Blog•added 2025/07/23 6:30 p.m.•8 views

Mezzanine CMS vulnerable to Cross-site Scripting

4.8CVSS5.4AI score0.00552EPSS

Exploits3References5Affected Software1

vulnersOsv•added 2025/07/23 4:43 p.m.•3 views

mezzanine-api (>=0.1.0a1 <=0.7.1) potentially affected by CVE-2025-50481 via mezzanine (=6.0.0)

mezzanine PYPI version =6.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on mezzanine and may be impacted: - mezzanine-api =0.1.0a1, =0.7.1 Source cves: CVE-2025-50481 Source advisory: SNYK:PYTHON-MEZZANINE-10905844...

4.8CVSS5.8AI score0.00552EPSS

Exploits3

vulnersOsv•added 2025/07/23 4:15 p.m.•2 views

cartridge (>=1.0.0b1 <=1.3.1), cartridge-braintree (>=1.2.1 <=1.2.2) +4 more potentially affected by CVE-2025-50481 via mezzanine (>=3.1.10 <=6.0.0)

mezzanine PYPI version =3.1.10, =1.0.0b1, =1.2.1, =0.0.1, =0.1.0a1, =0.1.0b1, =0.4.1, =0.4.4 Source cves: CVE-2025-50481 Source advisory: OSV:PYSEC-2025-137...

4.8CVSS5.4AI score0.00552EPSS

Exploits3

PyPA•added 2025/07/23 4:15 p.m.•6 views

PYSEC-2025-137

4.8CVSS5.9AI score0.00552EPSS

Exploits3References3Affected Software1

NVD•added 2025/07/23 4:15 p.m.•6 views

CVE-2025-50481

4.8CVSS0.00552EPSS

Exploits3References2

OSV•added 2025/07/23 4:15 p.m.•4 views

CVE-2025-50481

4.8CVSS5.9AI score

Exploits0References2

OSV•added 2025/07/23 4:15 p.m.•6 views

PYSEC-2025-137

4.8CVSS5.8AI score0.00552EPSS

Exploits3References3

Positive Technologies•added 2025/07/23 12:0 a.m.•4 views

PT-2025-30602 · Unknown · Mezzanine Cms

Name of the Vulnerable Software and Affected Versions: Mezzanine CMS version 6.1.0 Description: A cross-site scripting XSS vulnerability exists in the /blog/blogpost/add component of Mezzanine CMS. This allows attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into ...

4.8CVSS5.3AI score0.00552EPSS

Exploits3References9

CNNVD•added 2025/07/23 12:0 a.m.•2 views

mezzanine 安全漏洞

mezzanine is a CMS framework for Django by stephenmcd individual developers. A security vulnerability exists in mezzanine version v6.1.0, which stems from insufficient input validation in the /blog/blogpost/add component and could lead to a cross-site scripting attack...

4.8CVSS5.8AI score0.00552EPSS

Exploits3References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by