Moderate severityOSV Advisory· Published Feb 2, 2026· Updated Feb 3, 2026
CVE-2025-70960
CVE-2025-70960
Description
A stored cross-site scripting (XSS) vulnerability in the Forums module of Tendenci CMS v15.3.7 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
tendenciPyPI | <= 16.14 | — |
Affected products
2Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.