Unknown · Maxsite Cms · CVE-2026-37700
**Name of the Vulnerable Software and Affected Versions**
MaxSite CMS version 109.2
**Description**
A Cross Site Scripting issue allows a remote attacker to obtain sensitive information. This occurs via the Backend page file upload endpoint used by `admin page`.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.