CVE-2025-13181 | pojoin h3blog 1.0 /admin/cms/material/add Name cross site scripting

Inserito da Angelo Barbosa | Nov 14, 2025 | CVE

A vulnerability described as problematic has been identified in pojoin h3blog 1.0. The affected element is an unknown function of the file /admin/cms/material/add. Executing manipulation of the argument Name can lead to cross site scripting.

This vulnerability is registered as CVE-2025-13181. It is possible to launch the attack remotely. Furthermore, an exploit is available.

CVE-2025-13181 | pojoin h3blog 1.0 /admin/cms/material/add Name cross site scripting

Post correlati

CVE-2025-7387 | Lana Downloads Manager Plugin up to 1.10.0 on WordPress endpoint cross site scripting

CVE-2025-7801 | BossSoft CRM 6.0 HNDCBas_customPrmSearchDtl.jsp cstid sql injection

CVE-2024-1114 | openBI up to 1.0.8 Screen.php dlfile fileUrl access control

CVE-2024-41018 | Linux Kernel up to 6.6.42/6.9.11/6.10.1 ntfs3 out-of-bounds