CVE-2025-44115

Name of the Vulnerable Software and Affected Versions Cotonti Siena version 0.9.25

Description A vulnerability has been found in Cotonti Siena. The issue affects the file "/admin.php?m=config&n=edit&o=core&p=title". The manipulation of the value of title leads to cross-site scripting.

Recommendations For Cotonti Siena version 0.9.25, as a temporary workaround, consider restricting access to the "/admin.php?m=config&n=edit&o=core&p=title" endpoint to minimize the risk of exploitation. Avoid using the title parameter in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.