CVE-2025-9728

Published
View on NVD ↗
CVSS v3
4.3
MEDIUM
CVSS v2
5
MEDIUM
Affected
2
PROJECTS

Description

A security vulnerability has been detected in givanz Vvveb 1.0.7.2. This affects an unknown part of the file app/template/user/login.tpl. Such manipulation of the argument Email/Password leads to cross site scripting. The attack can be executed remotely. The name of the patch is bbd4c42c66ab818142240348173a669d1d2537fe. Applying a patch is advised to resolve this issue.

givanz/Vvveb
givanz/Vvveb
Powerful and easy to use cms to build websites, blogs or ecommerce stores.
GitHubGitHub
1.08K
helloandrewpaul/Reflected-XSS-in-Vvveb-CMS-v1.0.7.2
helloandrewpaul/Reflected-XSS-in-Vvveb-CMS-v1.0.7.2
CVE-2025-9728: Reflected XSS in Login Form (Email & Password Fields) Vvveb CMS v1.0.7.2
GitHubGitHub