A Stored Cross-Site Scripting (XSS) vulnerability in Microweber CMS 2.0 allows attackers to inject malicious scripts into user profile fields, leading to arbitrary JavaScript execution in admin browsers.
History

Mon, 04 Aug 2025 09:30:00 +0000

Type Values Removed Values Added
First Time appeared Microweber
Microweber cms
Vendors & Products Microweber
Microweber cms

Thu, 31 Jul 2025 19:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-79
Metrics cvssV3_1

{'score': 7.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 31 Jul 2025 18:15:00 +0000

Type Values Removed Values Added
Description A Stored Cross-Site Scripting (XSS) vulnerability in Microweber CMS 2.0 allows attackers to inject malicious scripts into user profile fields, leading to arbitrary JavaScript execution in admin browsers.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2025-07-31T00:00:00.000Z

Updated: 2025-07-31T18:40:48.081Z

Reserved: 2025-06-16T00:00:00.000Z

Link: CVE-2025-51503

cve-icon Vulnrichment

Updated: 2025-07-31T18:39:16.449Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-07-31T18:15:42.147

Modified: 2025-07-31T19:15:29.703

Link: CVE-2025-51503

cve-icon Redhat

No data.