CVE-2025-7748 – ZCMS Cross Site Scripting (XSS) Vulnerability in Create Article Page

July 17, 2025

CVE ID : CVE-2025-7748

Published : July 17, 2025, 6:15 p.m. | 21 minutes ago

Description : A vulnerability classified as problematic was found in ZCMS 3.6.0. This vulnerability affects unknown code of the component Create Article Page. The manipulation of the argument Title leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-7747 – Tenda POST Request Handler Buffer Overflow Vulnerability

Next Article CVE-2025-53638 – Solady Silent Failure in Proxy Initialization Vulnerability

Why Non-Native Content Designers Improve Global UX

DevOps won’t scale without platform engineering and here’s why your teams are still stuck

This week in AI dev tools: Slack’s enterprise search, Claude Code’s analytics dashboard, and more (July 18, 2025)

Report: 71% of tech leaders won’t hire devs without AI skills

Could OpenAI’s rumored browser be a Chrome-killer? Here’s what I’m expecting

My favorite lens and screen-cleaning kit keeps my tech spotless, and it only costs $8

AI’s biggest impact on your workforce is still to come – 3 ways to avoid getting left behind

Remedy offers update on ‘FBC: Firebreak,’ details coming improvements — “We’ve seen many players come into the game and leave within the first hour.”

The details of TC39’s last meeting

The details of TC39’s last meeting

Online Examination System using PHP and MySQL

A tricky, educational quiz: it’s about time..

CAD Sketcher – constraint-based geometry sketcher

CAD Sketcher – constraint-based geometry sketcher

7 Best Free and Open Source Linux FTP Servers

Best Free and Open Source Alternatives to Autodesk FBX Review

CVE-2025-7748 – ZCMS Cross Site Scripting (XSS) Vulnerability in Create Article Page

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

CVE-2025-6693 – RT-Thread Device Memory Corruption Vulnerability

Over 70 Organizations Across Multiple Sectors Targeted by China-Linked Cyber Espionage Group

Microsoft Teams Mobile will introduce a game-changing content share button

CVE-2025-23968 – WPCenter AiBud WP Unrestricted File Upload RCE

Update PyTorch ASAP | Kaspersky official blog

Designing a new way to optimize complex coordinated systems

Critical Vulnerability in Lovable’s Security Policies Let Attackers Inject Malicious Code

8 Best Free and Open Source Restic Wrappers

CVE-2025-7748 – ZCMS Cross Site Scripting (XSS) Vulnerability in Create Article Page

Related Posts