Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-8357-fjvx-xrm8

GitHub Security Advisory

Microweber has Reflected XSS Vulnerability in the id Parameter

✓ GitHub Reviewed MODERATE Has CVE
View on GitHub

Advisory Details

Reflected Cross-Site Scripting (XSS) in the id parameter of the live_edit.module_settings API endpoint in Microweber CMS2.0 allows execution of arbitrary JavaScript.

Affected Packages

Packagist microweber/microweber
Affected versions: 2.0.0 (last affected: 2.0.19)

Related CVEs

CVE-2025-51501

Key Information

GHSA ID
GHSA-8357-fjvx-xrm8
Published
August 1, 2025 6:31 PM
Last Modified
August 1, 2025 9:06 PM
CVSS Score
5.0 /10
Primary Ecosystem
Packagist
Primary Package
microweber/microweber
GitHub Reviewed
✓ Yes

Dataset

Last updated: September 14, 2025 6:31 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.