Medium severity5.4NVD Advisory· Published Mar 25, 2022· Updated Jun 17, 2026
CVE-2022-25582
CVE-2022-25582
Description
A stored cross-site scripting (XSS) vulnerability in the Column module of ClassCMS v2.5 and below allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Add Articles field.
Affected products
2Patches
Vulnerability mechanics
References
1- github.com/k0xx11/Vulscve/blob/master/classcms2.5-xss.mdnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.