CVE-2025-71244

SPIP before 4.4.5 and 4.3.9 allows an Open Redirect via the login form when used in AJAX mode. An attacker can craft a malicious URL that, when visited by a victim, redirects them to an arbitrary external site after login. This vulnerability only affects sites where the login page has been...

baserCMS 跨站脚本漏洞

BaserCMS is an open source enterprise-level content management system cms. A JavaScript Input Improper Neutralization vulnerability exists in the blog post editing feature in versions of BaserCMS prior to 4.4.5. A remote authenticated attacker can exploit this vulnerability to inject arbitrary...