CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-46041

A stored cross-site scripting (XSS) vulnerability in Anchor CMS v0.12.7 allows attackers to inject malicious JavaScript via the page description field in the page creation interface (/admin/pages/add).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 34.4%

CVSS Severity

CVSS v3 Score 5.4

References

http://anchor.com
https://github.com/binneko/CVE-2025-46041
https://github.com/binneko/CVE-2025-46041

Products affected by CVE-2025-46041

Anchorcms » Anchor Cms » Version: 0.12.7

cpe:2.3:a:anchorcms:anchor_cms:0.12.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-46041

Products

Pricing

Contact Us