2 matches found
CVE-2025-52037
A vulnerability has been found in NotesCMS and classified as medium. Affected by this vulnerability is the page /index.php?route=sites. The manipulation of the title of the service descriptions leads to a stored XSS vulnerability. The issue was confirmed to be present in the source code as of...
CVE-2025-2340
Summary (CVE-2025-2340): A cross-site scripting flaw affects Tale Blog 2.0.5, specifically the Site Settings component: the function /options/save.saveOptions accepts a manipulated Site Title, enabling remote XSS. The vulnerability’s root cause is input handling in the Site Title argument, leadin...