4 matches found
Cross-site Scripting (XSS)
Overview anchorcms/anchor-cms is a lightweight blog CMS for PHP. Affected versions of this package are vulnerable to Cross-site Scripting XSS through the "page description" field in the page creation interface /admin/pages/add. An attacker can execute arbitrary JavaScript code by injecting...
CVE-2025-46041
Anchor CMS v0.12.7 is affected by CVE-2025-46041: a stored XSS in the page creation interface, exploitable via the description field on /admin/pages/add. An authenticated user (admin/editor) can inject arbitrary JavaScript which is stored and executed when the page is viewed. Affected component/l...
CVE-2025-46041
A stored cross-site scripting XSS vulnerability in Anchor CMS v0.12.7 allows attackers to inject malicious JavaScript via the page description field in the page creation interface /admin/pages/add...
PT-2023-26090 · Unknown · Maid Hiring Management System
Name of the Vulnerable Software and Affected Versions: Maid Hiring Management System version 1.0 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Page Description of the "/admin/aboutus.php" API endpoin...