HomeMicroweberCVE-2025-51503

CVE-2025-51503

HIGH
7.6CVSS
Published: 2025-07-31
Updated: 2025-08-06
AI Analysis

Description

A Stored Cross-Site Scripting (XSS) vulnerability in Microweber CMS 2.0 allows attackers to inject malicious scripts into user profile fields, leading to arbitrary JavaScript execution in admin browsers.

CVSS Metrics

Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Attack Vector
network
Complexity
low
Privileges
low
User Action
none
Scope
unchanged
Confidentiality
high
Integrity
low
Availability
low
Weaknesses
CWE-79

Metadata

Primary Vendor
MICROWEBER
Published
7/31/2025
Last Modified
8/6/2025
Source
NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

microweber : microweber

AI-Powered Remediation

Generate remediation guidance or a C-suite brief for this vulnerability.

Executive Intelligence Brief

View on NIST NVD
CVE-CVE-2025-51503 | HIGH Severity | CVEDatabase.com | CVEDatabase.com