Severity by source
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Lifecycle Timeline
4DescriptionCVE.org
Cross Site Scripting vulnerability in Motivian Content Mangment System v.41.0.0 allows a remote attacker to execute arbitrary code via the Marketing/Forms, Marketing/Offers and Content/Pages components.
Analysis
Cross Site Scripting vulnerability in Motivian Content Mangment System v.41.0.0 allows a remote attacker to execute arbitrary code via the Marketing/Forms, Marketing/Offers and Content/Pages components.
Technical ContextAI
Cross-site scripting (XSS) allows injection of client-side scripts into web pages viewed by other users due to insufficient output encoding.
RemediationAI
Encode all user-supplied output contextually (HTML, JS, URL). Implement Content Security Policy (CSP) headers. Use HTTPOnly and Secure cookie flags.
More in Content Management System
View allCVE-2025-29093 is an unauthenticated file upload vulnerability in Motivian Content Management System v41.0.0 that allows
Critical SQL injection vulnerability in the /publicposts.php file of Content Management System and News-Buzz version 1.0
A vulnerability classified as critical was found in itsourcecode Content Management System 1.0. Rated medium severity (C
A vulnerability classified as critical was found in itsourcecode Content Management System 1.0. Rated medium severity (C
A vulnerability classified as critical has been found in itsourcecode Content Management System 1.0. Rated medium severi
A vulnerability, which was classified as critical, was found in code-projects/anirbandutta9 Content Management System an
A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been rated
A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been declar
IT Sourcecode Content Management System Project In PHP and MySQL With Source Code 1.0.0 is vulnerable to Cross Site Scri
Cross-site scripting (XSS) vulnerability in SourceCodester Content Management System v 1.0 allows remote attackers to in
A vulnerability classified as critical has been found in itsourcecode Content Management System 1.0. Rated medium severi
A cross-site scripting (XSS) vulnerability in Totaljs all versions before commit 95f54a5commit, allows attackers to exec
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-16894