Security Advisory

CVE-2021-25977

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-10-25 13:10:10

Last updated 2025-04-30 15:52:58

Assigner Mend

State PUBLISHED

Description

In PiranhaCMS, versions 7.0.0 to 9.1.1 are vulnerable to stored XSS due to the page title improperly sanitized. By creating a page with a specially crafted page title, a low privileged user can trigger arbitrary JavaScript execution.

← Browse all CVEs View on cve.org ↗