CVE-2026-25522 | Craft CMS up to 4.10.0/5.5.1 Store Management Section cross site scripting (GHSA-h9r9-2pxg-cx9m)

Inserito da Angelo Barbosa | Feb 3, 2026 | CVE

A vulnerability was found in Craft CMS up to 4.10.0/5.5.1. It has been declared as problematic. This affects an unknown function of the component Store Management Section. The manipulation results in cross site scripting.

This vulnerability is cataloged as CVE-2026-25522. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2026-25522 | Craft CMS up to 4.10.0/5.5.1 Store Management Section cross site scripting (GHSA-h9r9-2pxg-cx9m)

Post correlati

CVE-2025-12789 | Red Hat Single Sign-On 7 Logout redirect_uri

CVE-2025-62672 | boyns rplay up to 3.3.2 librplay/rplay.c RPLAY_DATA allocation of resources (EUVD-2025-35001)

CVE-2024-1202 | XPodas Octopod prior 1.0 authentication bypass

CVE-2024-57698 | modernwms 1.0 Administrator Password /user/list?culture=en-us access control