In PiranhaCMS, versions 7.0.0 to 9.1.1 are vulnerable to stored XSS due to the page title improperly sanitized. By creating a page with a specially crafted page title, a low privileged user can trigger arbitrary JavaScript execution.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Mend
Published: 2021-10-25T13:10:10
Updated: 2024-08-03T20:19:19.780Z
Reserved: 2021-01-22T00:00:00
Link: CVE-2021-25977
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-10-25T13:15:07.800
Modified: 2021-10-26T13:30:29.927
Link: CVE-2021-25977
Redhat
No data.