Warning: Undefined variable $author_out in /home/afaghhos/domains/afaghhosting.net/public_html/blog/wp-content/plugins/removehide-author-date-category-like-entry-meta/remove-author-date-and-category-metadata.php on line 147

Warning: Undefined variable $date_out in /home/afaghhos/domains/afaghhosting.net/public_html/blog/wp-content/plugins/removehide-author-date-category-like-entry-meta/remove-author-date-and-category-metadata.php on line 160

Warning: Undefined variable $category_out in /home/afaghhos/domains/afaghhosting.net/public_html/blog/wp-content/plugins/removehide-author-date-category-like-entry-meta/remove-author-date-and-category-metadata.php on line 173

Warning: Undefined variable $comment_out in /home/afaghhos/domains/afaghhosting.net/public_html/blog/wp-content/plugins/removehide-author-date-category-like-entry-meta/remove-author-date-and-category-metadata.php on line 186

Warning: Undefined variable $edit_out in /home/afaghhos/domains/afaghhosting.net/public_html/blog/wp-content/plugins/removehide-author-date-category-like-entry-meta/remove-author-date-and-category-metadata.php on line 198

مدیریت منیج سرور ثبت دامنه

CVE-2025-11332 – CmsEasy URL view.php cross site scripting

اکتبر 6, 2025

—

توسط

در اخبار آسیپ پذیری

CVE ID : CVE-2025-11332

Published : Oct. 6, 2025, 11:15 a.m. | 1 hour, 17 minutes ago

Description : A vulnerability was determined in CmsEasy up to 7.7.7. This affects an unknown function in the library lib/inc/view.php of the component URL Handler. Executing manipulation of the argument PHP_SELF can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 5.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…