CNNVD-202507-3937 Information

CNNVD ID

CNNVD-202507-3937

Related CVE

CVE-2025-51503

• CNNVD Published: 2025-07-31

Description (Chinese)

Microweber CMS是Microweber开源的一个拖放式网站构建器。 Microweber CMS 2.0版本存在安全漏洞，该漏洞源于存储型跨站脚本漏洞，可能导致执行任意JavaScript代码。

Description (English)

Micrower CMS is a drag-and-drop site builder of the Microwerber Open Source. There is a security loophole in Microweber CMS 2.0, which originates from a storage-type cross-site script loophole that may lead to the implementation of any JavaScript code.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Microweber

Published

2025-07-31

Last Modified

2026-02-24

References

https://github.com/progprnv/CVE-Reports/blob/main/CVE-2025-51503 https://github.com/progprnv/CVE-Reports/blob/main/MICROWEBER%20%5BAdmin%20Panel%5D%20Stored%20XSS%20in%20profile%20path.md https://access.redhat.com/security/cve/cve-2025-51503

Patch

https://microweber.org/download