Security Advisory

CVE-2025-55420

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-08-21 00:00:00

Last updated 2025-08-21 15:49:04

Assigner mitre

State PUBLISHED

Description

A Reflected Cross Site Scripting (XSS) vulnerability was found in /index.php in FoxCMS v1.2.6. When a crafted script is sent via a GET request, it is reflected unsanitized into the HTML response. This permits execution of arbitrary JavaScript code when a logged-in user submits the malicious input.

← Browse all CVEs View on cve.org ↗