CVE-2025-40727 Information

Description

A Reflected Cross Site Scripting (XSS) vulnerability was found in ‘/search’ in Phoenix Site CMS from Phoenix which allows remote attackers to execute arbitrary code via ’s’ GET parameter.

Reference

https://www.incibe.es/en/incibe-cert/notices/aviso/reflected-cross-site-scripting-xss-phoenix-cms

Related CNNVD

CNNVD-202506-1868 (Published: 2025-06-16)