Skip to main content

Content Management System CVE-2025-29094

| EUVDEUVD-2025-16894 MEDIUM
Cross-site Scripting (XSS) (CWE-79)
2025-06-04 cve@mitre.org
6.1
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.1 MEDIUM
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

4
EUVD ID Assigned
Mar 14, 2026 - 17:29 euvd
EUVD-2025-16894
Analysis Generated
Mar 14, 2026 - 17:29 vuln.today
PoC Detected
Jun 11, 2025 - 18:51 vuln.today
Public exploit code
CVE Published
Jun 04, 2025 - 16:15 nvd
MEDIUM 6.1

DescriptionCVE.org

Cross Site Scripting vulnerability in Motivian Content Mangment System v.41.0.0 allows a remote attacker to execute arbitrary code via the Marketing/Forms, Marketing/Offers and Content/Pages components.

Analysis

Cross Site Scripting vulnerability in Motivian Content Mangment System v.41.0.0 allows a remote attacker to execute arbitrary code via the Marketing/Forms, Marketing/Offers and Content/Pages components.

Technical ContextAI

Cross-site scripting (XSS) allows injection of client-side scripts into web pages viewed by other users due to insufficient output encoding.

RemediationAI

Encode all user-supplied output contextually (HTML, JS, URL). Implement Content Security Policy (CSP) headers. Use HTTPOnly and Secure cookie flags.

CVE-2025-29093 HIGH POC
8.2 Jun 04

CVE-2025-29093 is an unauthenticated file upload vulnerability in Motivian Content Management System v41.0.0 that allows

CVE-2025-5631 HIGH POC
7.3 Jun 05

Critical SQL injection vulnerability in the /publicposts.php file of Content Management System and News-Buzz version 1.0

CVE-2025-4311 MEDIUM POC
6.9 May 06

A vulnerability classified as critical was found in itsourcecode Content Management System 1.0. Rated medium severity (C

CVE-2025-4301 MEDIUM POC
6.9 May 06

A vulnerability classified as critical was found in itsourcecode Content Management System 1.0. Rated medium severity (C

CVE-2025-4300 MEDIUM POC
6.9 May 06

A vulnerability classified as critical has been found in itsourcecode Content Management System 1.0. Rated medium severi

CVE-2024-10758 MEDIUM POC
6.9 Nov 04

A vulnerability, which was classified as critical, was found in code-projects/anirbandutta9 Content Management System an

CVE-2025-5633 MEDIUM POC
6.3 Jun 05

A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been rated

CVE-2025-5632 MEDIUM POC
6.3 Jun 05

A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been declar

CVE-2023-31816 MEDIUM POC
6.1 May 22

IT Sourcecode Content Management System Project In PHP and MySQL With Source Code 1.0.0 is vulnerable to Cross Site Scri

CVE-2021-25197 MEDIUM POC
6.1 Jul 22

Cross-site scripting (XSS) vulnerability in SourceCodester Content Management System v 1.0 allows remote attackers to in

CVE-2025-4310 MEDIUM POC
5.1 May 06

A vulnerability classified as critical has been found in itsourcecode Content Management System 1.0. Rated medium severi

CVE-2022-26565 MEDIUM POC
4.8 Apr 01

A cross-site scripting (XSS) vulnerability in Totaljs all versions before commit 95f54a5commit, allows attackers to exec

Share

CVE-2025-29094 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy