CVE-2025-40727

A Reflected Cross Site Scripting (XSS) vulnerability was found in '/search' in Phoenix Site CMS from Phoenix, which allows remote attackers to execute arbitrary code via 's' GET parameter.
CVSS

No CVSS.

Configurations

No configuration.

History

16 Jun 2025, 12:32

Type Values Removed Values Added
Summary
  • (es) Se encontró una vulnerabilidad de Cross Site Scripting (XSS) Reflejado en '/search' en Phoenix Site CMS de Phoenix, que permite a atacantes remotos ejecutar código arbitrario a través del parámetro GET 's'.

16 Jun 2025, 09:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-06-16 09:15

Updated : 2025-06-16 12:32


NVD link : CVE-2025-40727

Mitre link : CVE-2025-40727

CVE.ORG link : CVE-2025-40727


JSON object : View

Products Affected

No product.

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')