CVE-2025-54172 Stored Cross-Site Scripting in QuickCMS

QuickCMS is vulnerable to Stored XSS in sTitle parameter in page editor functionality. Malicious attacker with admin privileges can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page. Regular admin user is not able to inject any JS scripts into th...

CVE-2025-54172 Stored Cross-Site Scripting in QuickCMS

QuickCMS is vulnerable to Stored XSS in sTitle parameter in page editor functionality. Malicious attacker with admin privileges can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page. Regular admin user is not able to inject any JS scripts into th...

Open Solution QuickCMS 跨站脚本漏洞

Open Solution QuickCMS is an Open Solution open source content management system. A cross-site scripting vulnerability exists in Open Solution QuickCMS version 6.8, which stems from improper neutralization of the sTitle parameter input and could lead to a stored cross-site scripting attack...

PT-2025-34050

Name of the Vulnerable Software and Affected Versions: QuickCMS version 6.8 QuickCMS affected versions not specified Description: QuickCMS is vulnerable to Stored Cross-Site Scripting XSS in the sTitle parameter within the page editor functionality. A malicious attacker with admin privileges can...