CVE Daily

CVE-2025-51504

Microweber CMS 2.0 is vulnerable to Cross Site Scripting (XSS)in the /projects/p...

High CVSS 7.6

Overview

Microweber CMS 2.0 is vulnerable to Cross Site Scripting (XSS)in the /projects/profile, homepage endpoint via the last name field.

CWE: CWE-79 Published: 2025-08-01T17:15:52.633
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 7.6 (HIGH)
  • Detected tags: xss (tag impact: MODERATE)

Recommended actions:

  • Apply context-aware output encoding.
  • Enable Content-Security-Policy and HttpOnly/SameSite cookies.

Recommended tools

Tags