Unrated severityNVD Advisory· Published Dec 23, 2025· Updated Apr 7, 2026
CSZ CMS 1.2.7 HTML Injection Vulnerability via Member Dashboard
CVE-2021-47737
Description
CSZ CMS 1.2.7 contains an HTML injection vulnerability that allows authenticated users to insert malicious hyperlinks in message titles. Attackers can craft POST requests to the member messaging system with HTML-based links to potentially conduct phishing or social engineering attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Cszcms/CSZ CMSv5Range: 1.2.7
Patches
Vulnerability mechanics
References
4- www.exploit-db.com/exploits/48357mitreexploit
- www.vulncheck.com/advisories/csz-cms-html-injection-vulnerability-via-member-dashboardmitrethird-party-advisory
- sourceforge.net/projects/cszcms/mitreproduct
- www.cszcms.commitreproduct
News mentions
0No linked articles in our index yet.