CVE-2025-54543

QuickCMS is vulnerable to Stored XSS via sDescriptionMeta parameter in page editor SEO functionality. Malicious attacker with admin privileges can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page. By default admin user is not able to add...

CVE-2025-54543

QuickCMS is vulnerable to Stored XSS via sDescriptionMeta parameter in page editor SEO functionality. Malicious attacker with admin privileges can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page. By default admin user is not able to add...

CVE-2025-54543

QuickCMS is vulnerable to Stored XSS via sDescriptionMeta parameter in page editor SEO functionality. Malicious attacker with admin privileges can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page. By default admin user is not able to add...

CVE-2025-54543 Stored XSS in QuickCMS

QuickCMS is vulnerable to Stored XSS via sDescriptionMeta parameter in page editor SEO functionality. Malicious attacker with admin privileges can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page. By default admin user is not able to add...

CVE-2025-54543

QuickCMS (CMS) is affected by CVE-2025-54543, a Stored XSS in the page editor SEO functionality via the sDescriptionMeta parameter. The vulnerability allows an admin with privileges to inject arbitrary HTML/JS that is rendered when visiting the edited page. Only version 6.8 has been tested and co...

QuickCMS 跨站脚本漏洞

QuickCMS is an open source content management system from QuickCMS. A cross-site scripting vulnerability exists in QuickCMS version 6.8, which stems from improper handling of the sDescriptionMeta parameter and could lead to a stored cross-site scripting attack...