Dotnetfoundation: >> Piranha Cms >> 12.0 Security Vulnerabilities
A stored cross-site scripting (XSS) vulnerability in the /manager/pages component of Piranha CMS v12.0 allows attackers to execute arbitrary web scripts or HTML via creating a page and injecting a crafted payload into the Markdown blocks.
CVSS Score
6.1
EPSS Score
0.001
Published
2025-10-23
PiranhaCMS 12.0 allows stored XSS in the Text content block of Standard and Standard Archive Pages via /manager/pages, enabling execution of arbitrary JavaScript in another user s browser.
CVSS Score
6.8
EPSS Score
0.001
Published
2025-09-26