Saconyfx/security-advisories

Releases0

Public security advisories published by Me (Chidubem Chukwu), including CVE disclosures and vulnerability reports for open-source and third-party projects.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-61413 ↗	Oct 23, 2025Thursday, 23 October 2025, 18:16	6.1 MEDIUM	—
A stored cross-site scripting (XSS) vulnerability in the /manager/pages component of Piranha CMS v12.0 allows attackers to execute arbitrary web scripts or HTML via creating a page and injecting a crafted payload into the Markdown blocks.
CVE-2025-57692 ↗	Sep 26, 2025Friday, 26 September 2025, 20:15	6.8 MEDIUM	—
PiranhaCMS 12.0 allows stored XSS in the Text content block of Standard and Standard Archive Pages via /manager/pages, enabling execution of arbitrary JavaScript in another user s browser.