CVE-2026-25491 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Craft is a platform for creating digital experiences. From 5.0.0-RC1 to 5.8.21, Craft has a stored XSS via Entry Type names. The name is not sanitized when disp…
Low CVSS: 1.9

CVE-2026-25491

Craft is a platform for creating digital experiences. From 5.0.0-RC1 to 5.8.21, Craft has a stored XSS via Entry Type names. The name is not sanitized when displayed in the Entry Types list. This vulnerability is fixed in 5.8.22.
Vendor
Craftcms
Product
Craft Cms
CWE
CWE-79
Yayın Tarihi
2026-02-09 20:15:57
Güncelleme
2026-02-19 19:26:43
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-79 Craft Cms LOW Craftcms 2026

Referanslar

https://github.com/craftcms/cms/commit/cfd6ba0e2ce1a59a02d75cae6558c4ace1ab8bd4 https://github.com/craftcms/cms/releases/tag/5.8.22 https://github.com/craftcms/cms/security/advisories/GHSA-7pr4-wx9w-mqwr