In FoxCMS 1.2.6, there is a reflected Cross Site Scripting (XSS) vulnerability in /index.php/plus.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-08-27
FoxCMS 1.2.6, there is a Cross Site Scripting vulnerability in /index.php/article. This allows attackers to execute arbitrary code.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-08-25
A Reflected Cross Site Scripting (XSS) vulnerability was found in /index.php in FoxCMS v1.2.6. When a crafted script is sent via a GET request, it is reflected unsanitized into the HTML response. This permits execution of arbitrary JavaScript code when a logged-in user submits the malicious input.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-08-21