56 matches found
📄 Piranha CMS 12.0 Cross Site Scripting
Piranha CMS version 12.0 suffers from a cross site scripting vulnerability. Exploit Title: Piranha CMS 12.0 - Stored Cross Site Scripting Date: 2025-09-26 Exploit Author: Chidubem Chukwu Terminal Venom LinkedIn : https://www.linkedin.com/in/chidubem-chukwu-20bb202a9? Vendor Homepage:...
CVE-2025-67291
A stored cross-site scripting XSS vulnerability in the Media module of Piranha CMS v12.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name field...
CVE-2025-67290
A stored cross-site scripting XSS vulnerability in the Page Settings module of Piranha CMS v12.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Excerpt field...
Cross-site Scripting (XSS)
Overview piranha is an a complete rewrite of Piranha CMS for .NET Core. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Name field in the Media module. An attacker can execute arbitrary web scripts or HTML by injecting crafted payloads. Details Cross-site...
Cross-site Scripting (XSS)
Overview piranha is an a complete rewrite of Piranha CMS for .NET Core. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Excerpt field in the Page Settings module. An authenticated attacker can execute arbitrary web scripts or HTML by injecting a crafted payloa...
GHSA-FW48-7QF9-455M Piranha has stored cross-site scripting (XSS) vulnerability
A stored cross-site scripting XSS vulnerability in the Page Settings module of Piranha CMS v12.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Excerpt field...
GHSA-83FP-HH9M-C2JQ Piranha has stored cross-site scripting (XSS) vulnerability
A stored cross-site scripting XSS vulnerability in the Media module of Piranha CMS v12.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name field...
CVE-2025-67290
A stored cross-site scripting XSS vulnerability in the Page Settings module of Piranha CMS v12.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Excerpt field...
CVE-2025-67291
A stored cross-site scripting XSS vulnerability in the Media module of Piranha CMS v12.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name field...
CVE-2025-67291
CVE-2025-67291 affects Piranha CMS, Media module in version 12.1. The vulnerability is a stored XSS: an attacker can inject a crafted payload into the Name field, leading to execution of arbitrary web scripts/HTML in a user’s browser. Documents from multiple sources (NVD, Red Hat, OSV) confirm th...
PT-2025-52684
Name of the Vulnerable Software and Affected Versions Piranha CMS version 12.1 Description A stored cross-site scripting XSS issue exists in the Page Settings module. This allows attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into the Excerpt field...
CVE-2025-67291
A stored cross-site scripting XSS vulnerability in the Media module of Piranha CMS v12.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name field...
CVE-2025-67290
A stored cross-site scripting XSS vulnerability in the Page Settings module of Piranha CMS v12.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Excerpt field...
PT-2025-52685
Name of the Vulnerable Software and Affected Versions Piranha CMS version 12.1 Description A stored cross-site scripting XSS issue exists in the Media module. An attacker can inject a crafted payload into the Name field to execute arbitrary web scripts or HTML. Recommendations At the moment, ther...
Piranha CMS 安全漏洞
Piranha CMS is Piranha CMS open source a friendly editor-centric CMS used as . A security vulnerability exists in Piranha CMS that stems from the injection of a specially crafted payload into the Excerpt field that could lead to the execution of arbitrary web script or HTML...
CVE-2025-67291
A stored cross-site scripting XSS vulnerability in the Media module of Piranha CMS v12.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name field...
CVE-2025-67290
A stored cross-site scripting XSS vulnerability in the Page Settings module of Piranha CMS v12.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Excerpt field...
CVE-2025-61413
A stored cross-site scripting XSS vulnerability in the /manager/pages component of Piranha CMS v12.0 allows attackers to execute arbitrary web scripts or HTML via creating a page and injecting a crafted payload into the Markdown blocks...
GHSA-3QCP-9V8C-6JP7 Piranha CMS vulnerable to stored cross-site scripting (XSS)
A stored cross-site scripting XSS vulnerability in the /manager/pages component of Piranha CMS v12.0 allows attackers to execute arbitrary web scripts or HTML via creating a page and injecting a crafted payload into the Markdown blocks...
Piranha CMS vulnerable to stored cross-site scripting (XSS)
A stored cross-site scripting XSS vulnerability in the /manager/pages component of Piranha CMS v12.0 allows attackers to execute arbitrary web scripts or HTML via creating a page and injecting a crafted payload into the Markdown blocks...