CNNVD-202508-060 Information

CNNVD ID

CNNVD-202508-060

Related CVE

CVE-2025-51504

• CNNVD Published: 2025-08-01

Description (Chinese)

Microweber CMS是Microweber开源的一个拖放式网站构建器。 Microweber CMS 2.0版本存在安全漏洞，该漏洞源于/projects/profile和homepage端点中last name字段存在跨站脚本。

Description (English)

Micrower CMS is a drag-and-drop site builder of the Microwerber Open Source. There is a security loophole in version Micrower CMS 2.0, which stems from the presence of a cross-site script in last name fields in/projects/profile and homepage endpoints.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Microweber

Published

2025-08-01

Last Modified

2026-02-24

References

https://github.com/progprnv/CVE-Reports/blob/main/CVE-2025-51504 https://github.com/progprnv/CVE-Reports/blob/main/MICROWEBER%20%5BLive%20Panel%5D%20Stored%20XSS%20in%20profile%20path.md https://nvd.nist.gov/vuln/detail/CVE-2025-51504 https://access.redhat.com/security/cve/cve-2025-51504