CVE-2025-9981

Name of the Vulnerable Software and Affected Versions QuickCMS version 6.8

Description QuickCMS is susceptible to multiple Stored Cross-Site Scripting (XSS) issues within the slider editor functionality, specifically in the 'sliders-form' component. An attacker possessing administrative privileges can inject arbitrary HTML and JavaScript code into the website. This injected code will be rendered and executed on every page viewed by users. The vendor was notified of this issue but did not provide details regarding vulnerable version ranges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.