VYPR
Unrated severityNVD Advisory· Published Dec 23, 2025· Updated Apr 7, 2026

CSZ CMS 1.2.7 HTML Injection Vulnerability via Member Dashboard

CVE-2021-47737

Description

CSZ CMS 1.2.7 contains an HTML injection vulnerability that allows authenticated users to insert malicious hyperlinks in message titles. Attackers can craft POST requests to the member messaging system with HTML-based links to potentially conduct phishing or social engineering attacks.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.