2 matches found
CVE-2025-66310
Grav’s admin plugin is affected by a stored XSS in the /admin/pages/[page] endpoint via data[header][template], which is stored in page frontmatter. The impact is script execution when content is rendered in admin or frontend views. A fix is available in Grav 1.11.0-beta.1. No exploitation details are provided beyond th...
CVE-2019-11426
An XSS issue was discovered in app/admincp/template/admincp.header.php in idreamsoft iCMS 7.0.14 via the admincp.php?app=config tab parameter...