Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
PsuHaxcms-nodejs

3 matches found

CVE
CVEadded 2025/06/09 9:15 p.m.44 views

CVE-2025-49139

HAX CMS PHP allows users to manage their microsite universe with a PHP backend. Prior to version 11.0.0, in the HAX site editor, users can create a website block to load another site in an iframe. The application allows users to supply a target URL in the website block. When the HAX site is visited...

6.5CVSS5.1AI score0.00055EPSS
CVE
CVEadded 2025/07/11 6:15 p.m.8 views

CVE-2025-53642

haxcms-nodejs and haxcms-php are backends for HAXcms. The logout function within the application does not terminate a user's session or clear their cookies. Additionally, the application issues a refresh token when logging out. This vulnerability is fixed in 11.0.6.

6.5CVSS6.5AI score0.00036EPSS
CVE
CVEadded 2025/07/23 12:15 a.m.5 views

CVE-2025-54139

HAX CMS allows users to manage their microsite universe with a NodeJS or PHP backend. In haxcms-nodejs versions 11.0.12 and below and in haxcms-php versions 11.0.7 and below, all pages within the HAX CMS application do not contain headers to prevent other websites from loading the site within an if...

6.1CVSS6.8AI score0.00038EPSS