← back
CVE-2025-44115

CVE-2025-44115

CVSS 5.4 MEDIUMEPSS 0.2%CWE-79
A vulnerability has been found in Cotonti Siena v0.9.25. Affected by this vulnerability is the file /admin.php?m=config&n=edit&o=core&p=title. The manipulation of the value of title leads to cross-site scripting.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://gist.github.com/yA0-Z/9666b1a333607381ab8dfcc137f2b65chttps://github.com/Cotonti/Cotonti/issues/1650https://github.com/Cotonti/Cotonti/issues/1834