Unrated severityNVD Advisory· Published Dec 11, 2025· Updated Mar 5, 2026
PyroCMS v3.0.1 Stored Cross-Site Scripting via Admin Redirects
CVE-2024-58297
Description
PyroCMS v3.0.1 contains a stored cross-site scripting vulnerability in the admin redirects configuration that allows attackers to inject malicious scripts. Attackers can insert a payload in the 'Redirect From' field to execute arbitrary JavaScript when administrators view the redirects page.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
4- www.exploit-db.com/exploits/52016mitreexploit
- www.vulncheck.com/advisories/pyrocms-v-stored-cross-site-scripting-via-admin-redirectsmitrethird-party-advisory
- pyrocms.commitreproduct
- www.softaculous.com/apps/cms/PyroCMS/mitreproduct
News mentions
0No linked articles in our index yet.