Home

Description

Cross Site Scripting vulnerability in MaxSite CMS v.109.2 allows a remote attacker to obtain sensitive information via the Backend page file upload endpoint used by admin_page

PUBLISHED Reserved 2026-04-06 | Published 2026-06-03 | Updated 2026-06-05 | Assigner mitre

References

maxsite.com

github.com/...ream108/CVE/blob/main/MaxSite109.2/about_en.md

cve.org (CVE-2026-37700)

nvd.nist.gov (CVE-2026-37700)

Download JSON