CNNVD-202507-3037 Information

CNNVD ID

CNNVD-202507-3037

Related CVE

CVE-2025-50481

• CNNVD Published: 2025-07-23

Description (Chinese)

mezzanine是stephenmcd个人开发者的一个Django的CMS框架。 mezzanine v6.1.0版本存在安全漏洞，该漏洞源于/blog/blogpost/add组件输入验证不足，可能导致跨站脚本攻击。

Description (English)

Mezzanine is a Django CMS framework for stephenmcd personal developers. There is a security loophole in version mezzanine v6.1.0, which stems from inadequate input verification of/blog/blogpost/add components, which may result in cross-site script attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-07-23

Last Modified

2026-02-24

References

https://github.com/kevinpdicks/Mezzanine-CMS-6.1.0-XSS https://github.com/stephenmcd/mezzanine https://access.redhat.com/security/cve/cve-2025-50481 https://www.exploit-db.com/exploits/52385

Patch

https://github.com/stephenmcd/mezzanine/releases