CVE-2025-40727 | Phoenix Site CMS GET Parameter /search s cross site scripting

Inserito da Angelo Barbosa | Giu 16, 2025 | CVE

A vulnerability was found in Phoenix Site CMS and classified as problematic. Affected by this issue is some unknown functionality of the file /search of the component GET Parameter Handler. The manipulation of the argument s leads to cross site scripting.

This vulnerability is handled as CVE-2025-40727. The attack may be launched remotely. There is no exploit available.

CVE-2025-40727 | Phoenix Site CMS GET Parameter /search s cross site scripting

Post correlati

CVE-2024-39296 | Linux Kernel up to 6.6.33/6.9.4 bonding_masters bonding_exit missing initialization (f07224c16678/cf48aee81103/a45835a0bb6e)

CVE-2023-20275 | Cisco ASA/Firepower Threat Defense Software VPN Packet Validation unknown vulnerability (cisco-sa-asa-ssl-vpn-Y88QOm77)

CVE-2024-23851 | Linux Kernel up to 6.7.1 drivers/md/dm-ioctl.c copy_params allocation of resources

CVE-2024-39332 | Webswing 23.2.2 path traversal (usd-2024-0008)