Content Management System
CVE-2022-26565
MEDIUM
Severity by source
AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Lifecycle Timeline
1DescriptionNVD
A cross-site scripting (XSS) vulnerability in Totaljs all versions before commit 95f54a5commit, allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Page Name text field when creating a new page.
AnalysisAI
A cross-site scripting (XSS) vulnerability in Totaljs all versions before commit 95f54a5commit, allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Page. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified as Cross-Site Scripting (XSS) (CWE-79), which allows attackers to inject malicious scripts into web pages viewed by other users. A cross-site scripting (XSS) vulnerability in Totaljs all versions before commit 95f54a5commit, allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Page Name text field when creating a new page. Affected products include: Totaljs Content Management System.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Sanitize all user input, use Content-Security-Policy headers, encode output contextually (HTML, JS, URL). Use frameworks with built-in XSS protection.
More in Content Management System
View allCVE-2025-29093 is an unauthenticated file upload vulnerability in Motivian Content Management System v41.0.0 that allows
Critical SQL injection vulnerability in the /publicposts.php file of Content Management System and News-Buzz version 1.0
A vulnerability classified as critical was found in itsourcecode Content Management System 1.0. Rated medium severity (C
A vulnerability classified as critical was found in itsourcecode Content Management System 1.0. Rated medium severity (C
A vulnerability classified as critical has been found in itsourcecode Content Management System 1.0. Rated medium severi
A vulnerability, which was classified as critical, was found in code-projects/anirbandutta9 Content Management System an
A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been rated
A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been declar
Cross Site Scripting vulnerability in Motivian Content Mangment System v.41.0.0 allows a remote attacker to execute arbi
IT Sourcecode Content Management System Project In PHP and MySQL With Source Code 1.0.0 is vulnerable to Cross Site Scri
Cross-site scripting (XSS) vulnerability in SourceCodester Content Management System v 1.0 allows remote attackers to in
A vulnerability classified as critical has been found in itsourcecode Content Management System 1.0. Rated medium severi
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today