CVE-2025-70960

Medium CVSS: 5.4

A stored cross-site scripting (XSS) vulnerability in the Forums module of Tendenci CMS v15.3.7 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload.

Vendor

Tendenci

Product

Tendenci

CWE

CWE-79

Yayın Tarihi

2026-02-02 23:16:02

Güncelleme

2026-02-11 20:24:37

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-79 Tendenci MEDIUM Tendenci 2026

Referanslar

https://github.com/emirhanyucelll/tendenci/blob/main/Readme.md

Benzer Kayıtlar

Medium

CVE-2025-70959

A stored cross-site scripting (XSS) vulnerability in the Jobs module of Tendenci CMS v15.3.7 allows attackers to execute…

Medium

CVE-2020-36962

Tendenci 12.3.1 contains a CSV formula injection vulnerability in the contact form message field that allows attackers t…

Medium

CVE-2026-23946

Tendenci is an open source content management system built for non-profits, associations and cause-based sites. Versions…