CVE-2025-61413

A stored cross-site scripting (XSS) vulnerability in the /manager/pages component of Piranha CMS v12.0 allows attackers to execute arbitrary web scripts or HTML via creating a page and injecting a crafted payload into the Markdown blocks.

Published Oct 24, 2025

https://github.com/advisories/GHSA-3qcp-9v8c-6jp7

CVSS ScoreMedium

5.3

Ecosystem	Package	Version

Ecosystem	Package	Version

Vulnerabilities

CVE-2025-61413

A stored cross-site scripting (XSS) vulnerability in the /manager/pages component of Piranha CMS v12.0 allows attackers to execute arbitrary web scripts or HTML via creating a page and injecting a crafted payload into the Markdown blocks.

Published Oct 24, 2025

https://github.com/advisories/GHSA-3qcp-9v8c-6jp7

CVSS ScoreMedium

5.3


pecoff	Piranha CMS/Piranha.Manager/Piranha.Manager.dll	12.0.0.0
nuget	Piranha.Manager	12.0.0

Ecosystem	Package	Version


pecoff	Piranha CMS/Piranha.Manager/Piranha.Manager.dll	12.0.0.0
nuget	Piranha.Manager	12.0.0

Find vulnerabilities. Fix fast with AI.

CVE-2025-61413

CVE-2025-61413