CVE-2026-31350

Medium CVSS: 5.4

An authenticated stored cross-site scripting (XSS) vulnerability in Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Page Sign parameter.

Vendor

Feehi

Product

Feehi Cms

CWE

CWE-79

Yayın Tarihi

2026-04-06 16:16:32

Güncelleme

2026-04-07 21:14:34

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-79 Feehi Cms MEDIUM Feehi 2026

Referanslar

https://github.com/liufee/cms https://github.com/liufee/cms/issues/82

Benzer Kayıtlar

Medium

CVE-2026-31313

An authenticated stored cross-site scripting (XSS) vulnerability in the creation/editing module of Feehi CMS v2.1.1 allo…

Medium

CVE-2026-31352

An authenticated stored cross-site scripting (XSS) vulnerability in the Role Management module of Feehi CMS v2.1.1 allow…

Medium

CVE-2026-31353

An authenticated stored cross-site scripting (XSS) vulnerability in the Category module of Feehi CMS v2.1.1 allows attac…

Medium

CVE-2026-31354

Multiple authenticated stored cross-site scripting (XSS) vulnerabilities in the Permissions module of Feehi CMS v2.1.1 a…

Medium

CVE-2026-31351

An authenticated stored cross-site scripting (XSS) vulnerability in the creation/editing module of Feehi CMS v2.1.1 allo…

Medium

CVE-2025-15264

A vulnerability was determined in FeehiCMS up to 2.1.1. Impacted is an unknown function of the file frontend/web/timthum…