CVE-2025-51504

Description

Microweber CMS 2.0 is vulnerable to Cross Site Scripting (XSS)in the /projects/profile, homepage endpoint via the last name field.

PUBLISHED Reserved 2025-06-16 | Published 2025-08-01 | Updated 2025-08-01 | Assigner mitre

References

github.com/...BER [Live Panel] Stored XSS in profile path.md

github.com/progprnv/CVE-Reports

github.com/progprnv/CVE-Reports/blob/main/CVE-2025-51504

cve.org (CVE-2025-51504)

nvd.nist.gov (CVE-2025-51504)

Download JSON