CVE-2025-40727 – Phoenix Site CMS Reflected Cross Site Scripting (XSS)

June 16, 2025

CVE ID : CVE-2025-40727

Published : June 16, 2025, 9:15 a.m. | 1 hour, 4 minutes ago

Description : A Reflected Cross Site Scripting (XSS) vulnerability was found in ‘/search’ in Phoenix Site CMS from Phoenix, which allows remote attackers to execute arbitrary code via ‘s’ GET parameter.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-40728 – Customer Support System SQL Injection

Next Article CVE-2025-40726 – Nosto Reflected Cross-Site Scripting (XSS)

How To Prevent WordPress SQL Injection Attacks

This week in AI dev tools: Apple’s Foundations Model framework, Mistral’s first reasoning model, and more (June 13, 2025)

Open Talent platforms emerging to match skilled workers to needs, study finds

Java never goes out of style: Celebrating 30 years of the language

The 5 gadgets that got me through marathons and obstacle races (and why they work)

This beastly 500W charger replaced every other charger I had – with six ports to boot

Mac Mini won’t power on? Apple will fix it for you – for free

Why I’m switching to VS Code. Hint: It’s all about AI tool integration

From Concept to Code: Final Year PHP Projects with Reports for Smart Submissions

From Concept to Code: Final Year PHP Projects with Reports for Smart Submissions

Building Construction suppliers in India

Neutralinojs v6.1 released

Microsoft Edge’s Quiet Shift to AVIF: Why It Matters

Microsoft Edge’s Quiet Shift to AVIF: Why It Matters

Windows 11 test builds are accidentally playing the Windows Vista startup sound

Leaked: ROG Xbox Ally and Xbox Ally X pre-orders set for August, launch in October

CVE-2025-40727 – Phoenix Site CMS Reflected Cross Site Scripting (XSS)

Apache Tomcat Vulnerabilities Allow Authentication Bypass and DoS Attacks

VS meldt actief misbruik van beveiligingslek in wifi-routers TP-Link

NVIDIA GeForce “Game Ready” graphics driver update fixes bugs from a previous release — Flickering screens patched

CVE-2025-48063 – XWiki Remote Code Execution via Required Rights Bypass

Scaling Reinforcement Learning Beyond Math: Researchers from NVIDIA AI and CMU Propose Nemotron-CrossThink for Multi-Domain Reasoning with Verifiable Reward Modeling

Meta’s AI Chatbots Exposed: Caught Sexting Minors Using Celebrity Voices

Nala: L’alternativa moderna ad APT per la gestione dei pacchetti su GNU/Linux

Xbox Ally vs Steam Deck: Which is the better gaming handheld?

CVE-2025-44866 – Tenda W20E Command Injection Vulnerability

CVE-2025-43966 – Libheif NULL Pointer Dereference Vulnerability

CVE-2025-40727 – Phoenix Site CMS Reflected Cross Site Scripting (XSS)

Related Posts