PT-2026-27211 · Unknown · Census Csweb
Published
2026-03-23
·
Updated
2026-03-23
·
CVE-2025-60948
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Census CSWeb versions prior to 8.1.0 alpha
Description
Census CSWeb 8.0.1 contains a stored cross-site scripting issue in user-supplied fields. An authenticated attacker could store malicious JavaScript that executes in a victim’s browser. The issue allows for the injection of malicious code through vulnerable input fields.
Recommendations
Update to version 8.1.0 alpha or later.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Census Csweb