Moderate severityNVD Advisory· Published Oct 23, 2025· Updated Oct 23, 2025
CVE-2025-60837
CVE-2025-60837
Description
A reflected cross-site scripting (XSS) vulnerability in MCMS v6.0.1 allows attackers to execute arbitrary Javascript in the context of a user's browser via a crafted payload.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
net.mingsoft:ms-mcmsMaven | <= 6.0.1 | — |
Affected products
2- MCMS/MCMSdescription
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.