CVE-2025-26529 — Description information displayed in the site administration live log required ... | CVE Daily

High CVSS 8.3

Overview

Description information displayed in the site administration live log
required additional sanitizing to prevent a stored XSS risk.

CWE: CWE-79 Published: 2025-02-24T20:15:33.677

Risk analysis

This vulnerability is rated 🟠 HIGH.

CVSS: 8.3 (HIGH)
Detected tags: stored_xss, xss (tag impact: MODERATE)

Recommended actions:

Sanitize stored input and enforce CSP.
Apply context-aware output encoding.
Enable Content-Security-Policy and HttpOnly/SameSite cookies.

Recommended tools

Tags