Home

Description

A stored cross-site scripting (XSS) vulnerability in the Forums module of Tendenci CMS v15.3.7 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload.

PUBLISHED Reserved 2026-01-09 | Published 2026-02-02 | Updated 2026-02-03 | Assigner mitre

References

github.com/emirhanyucelll/tendenci/blob/main/Readme.md

cve.org (CVE-2025-70960)

nvd.nist.gov (CVE-2025-70960)

Download JSON