HAX CMS helps manage microsite universe with PHP or NodeJs backends. In versions 11.0.6 to before 25.0.0, HAX CMS is vulnerable to stored XSS, which could lead to account takeover. This issue has been patched in version 25.0.0.
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:HPsu Haxcms Node.js
APPPsu11.0.6
Related vulnerabilities
HAXcms Node.js — brak uwierzytelnienia przez niebezpieczną konfigurację domyślną
HAX CMS allows you to manage your microsite universe with PHP or NodeJs backends. In versions 11.0.13 and belo...
HAX CMS NodeJS allows users to manage their microsite universe with a NodeJS backend. Versions 11.0.9 and belo...
HAX CMS NodeJs allows users to manage their microsite universe with a NodeJs backend. In versions 11.0.7 and b...
HAX CMS NodeJs allows users to manage their microsite universe with a NodeJs backend. In versions 11.0.8 and b...