CVE-2025-46041 – Anchor CMS Stored XSS

June 9, 2025

CVE ID : CVE-2025-46041

Published : June 9, 2025, 5:15 p.m. | 3 hours, 12 minutes ago

Description : A stored cross-site scripting (XSS) vulnerability in Anchor CMS v0.12.7 allows attackers to inject malicious JavaScript via the page description field in the page creation interface (/admin/pages/add).

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-45001 – React Native Keys Information Disclosure

Next Article CVE-2025-45002 – Vigybag Cross Site Scripting (XSS)

Highlights

CVE-2025-31650 – Apache Tomcat HTTP Priority Header Memory Leak DoS

April 28, 2025

CVE ID : CVE-2025-31650

Published : April 28, 2025, 8:15 p.m. | 2 hours, 50 minutes ago

Description : Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger an OutOfMemoryException resulting in a denial of service.

This issue affects Apache Tomcat: from 9.0.76 through 9.0.102, from 10.1.10 through 10.1.39, from 11.0.0-M2 through 11.0.5.

Users are recommended to upgrade to version 9.0.104, 10.1.40 or 11.0.6 which fix the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

How To Prevent WordPress SQL Injection Attacks

Java never goes out of style: Celebrating 30 years of the language

OpenAI o3-pro available in the API, BrowserStack adds Playwright support for real iOS devices, and more – Daily News Digest

Creating The “Moving Highlight” Navigation Bar With JavaScript And CSS

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

With WH40K Boltgun and Dungeons of Hinterberg, this month’s Humble Choice lineup is stacked for less than $12

I’ve been loving the upgrade to my favorite mobile controller, and there’s even a version for large tablets

Copilot Vision just launched — and Microsoft already added new features

Master Data Management: The Key to Improved Analytics Reporting

Master Data Management: The Key to Improved Analytics Reporting

Salesforce Lead-to-Revenue Management

React Native 0.80 – React 19.1, JS API Changes, Freezing Legacy Arch and much more

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

With WH40K Boltgun and Dungeons of Hinterberg, this month’s Humble Choice lineup is stacked for less than $12

I’ve been loving the upgrade to my favorite mobile controller, and there’s even a version for large tablets

CVE-2025-46041 – Anchor CMS Stored XSS

Apache Tomcat Under Attack: Massive Brute-Force Campaign Targets Manager Interfaces

Warning: Discontinued Amazon Cloud Cam Has Vulnerability (CVE-2025-6031), Exposing Your Network

First Ubuntu Monthly Snapshot Now Available to Download

RXTX: A Machine Learning-Guided Algorithm for Efficient Structured Matrix Multiplication

MiMo-VL-7B: A Powerful Vision-Language Model to Enhance General Visual Understanding and Multimodal Reasoning

CVE-2025-1909 – BuddyBoss Platform Pro WordPress Authentication Bypass Vulnerability

CVE-2025-31650 – Apache Tomcat HTTP Priority Header Memory Leak DoS

CVE-2025-49073 – Axiomthemes Sweet Dessert Deserialization of Untrusted Data Object Injection Vulnerability

CVE-2025-46614 – Snowflake ODBC Driver Information Disclosure

251 Amazon-Hosted IPs Used in Exploit Scan Targeting ColdFusion, Struts, and Elasticsearch

CVE-2025-46041 – Anchor CMS Stored XSS

Related Posts