CVE-2026-22704

Published
View on NVD ↗
CVSS v3
8
HIGH
CVSS v2
N/A
Affected
2
PROJECTS

Description

HAX CMS helps manage microsite universe with PHP or NodeJs backends. In versions 11.0.6 to before 25.0.0, HAX CMS is vulnerable to stored XSS, which could lead to account takeover. This issue has been patched in version 25.0.0.

haxtheweb/issues
haxtheweb/issues
Issue queue for hax, haxcms, elmsln, lrnwebcomponents, wcfactory, websites and more.
GitHubGitHub
12
haxtheweb/haxcms-nodejs
haxtheweb/haxcms-nodejs
HAX + CMS to manage your microsite universe with NodeJS backend
GitHubGitHub
3