CVE-2025-56429

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions FearlessCMS version 0.0.2-15

Description A Cross Site Scripting issue exists in FearlessCMS. This allows a remote attacker to potentially obtain sensitive information through the login.php component. The login.php component is the point of exploitation.

Recommendations Update FearlessCMS to a version that addresses this issue. As a temporary workaround, consider restricting access to the login.php component to minimize the risk of exploitation.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2025-56429

Affected Products

Fearlesscms

CVE-2025-56429

Weakness Enumeration

Related Identifiers

Affected Products

References · 4