High
CVSS 7.6
Overview
A Stored Cross-Site Scripting (XSS) vulnerability in Microweber CMS 2.0 allows attackers to inject malicious scripts into user profile fields, leading to arbitrary JavaScript execution in admin browsers.
CVE-2025-51503
A Stored Cross-Site Scripting (XSS) vulnerability in Microweber CMS 2.0 allows a...
Risk analysis
This vulnerability is rated 🟠 HIGH.
- CVSS: 7.6 (HIGH)
- Detected tags: xss (tag impact: MODERATE)
Recommended actions:
- Apply context-aware output encoding.
- Enable Content-Security-Policy and HttpOnly/SameSite cookies.