[Attack Vectors] > It was detected that a Stored XSS vulnerability in the "Content Management" > "Blog posts" area. Malicious HTML/JavaScript added to the Body overview field of a blog post is stored in the backend and executes when the blog page is visited (http://localhost/blog/)
Assigned CVE code: > CVE-2025-65590 [Discoverer] > AlterSec t/a PenTest.NZ _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
