| CVE-2025-50481 |
unknown |
— |
1.0 |
|
|
|
11mo ago |
A cross-site scripting (XSS) vulnerability in the component /blog/blogpost/add of Mezzanine CMS v6.1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into a… |
| CVE-2025-6050 |
unknown |
— |
— |
|
|
|
1y ago |
Mezzanine CMS has a Stored Cross-Site Scripting (XSS) vulnerability in the displayable_links_js function |
| CVE-2025-29573 |
unknown |
— |
— |
|
|
|
1y ago |
Cross-Site Scripting (XSS) vulnerability exists in Mezzanine CMS 6.0.0 in the "View Entries" feature within the Forms module. |
| CVE-2024-25169 |
unknown |
— |
— |
|
|
|
2y ago |
Mezzanine allows attackers to bypass access control mechanisms |
| CVE-2024-25170 |
unknown |
— |
— |
|
|
|
2y ago |
Mezzanine allows attackers to bypass access controls via manipulating the Host header |
| CVE-2020-19002 |
unknown |
— |
— |
|
|
|
4y ago |
Cross Site Scripting (XSS) in Mezzanine v4.3.1 allows remote attackers to execute arbitrary code via the 'Description' field of the component 'admin/blog/blogpost/add/'. This issue is different than … |
