Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
CVE-2025-70960
CVE-2025-70960
A stored cross-site scripting (XSS) vulnerability in the Forums module of Tendenci CMS v15.3.7 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload.
Published Feb 5, 2026
https://github.com/advisories/GHSA-6fvp-wmh6-jg95
CVSS Score
Medium
5.4
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
pypi
tendenci
11.0.1
pypi
tendenci
11.0.2
pypi
tendenci
11.0.3
pypi
tendenci
11.0.4
pypi
tendenci
11.0.5
pypi
tendenci
11.0.6
pypi
tendenci
11.0.7
pypi
tendenci
11.0.8
pypi
tendenci
11.0
pypi
tendenci
11.1.1
pypi
tendenci
11.1.2
pypi
tendenci
11.1
pypi
tendenci
11.2.10
pypi
tendenci
11.2.11
pypi
tendenci
11.2.12
pypi
tendenci
11.2.1
pypi
tendenci
11.2.2
pypi
tendenci
11.2.3
pypi
tendenci
11.2.4
pypi
tendenci
11.2.5
pypi
tendenci
11.2.6
pypi
tendenci
11.2.7
pypi
tendenci
11.2.8
pypi
tendenci
11.2.9
pypi
tendenci
11.2
pypi
tendenci
11.3.1
pypi
tendenci
11.3
pypi
tendenci
11.4.10
pypi
tendenci
11.4.1
pypi
tendenci
11.4.2
pypi
tendenci
11.4.3
pypi
tendenci
11.4.4
pypi
tendenci
11.4.5
pypi
tendenci
11.4.6
pypi
tendenci
11.4.7
pypi
tendenci
11.4.8
pypi
tendenci
11.4.9
pypi
tendenci
11.4
pypi
tendenci
12.0.10
pypi
tendenci
12.0.11
pypi
tendenci
12.0.12
pypi
tendenci
12.0.13
pypi
tendenci
12.0.14
pypi
tendenci
12.0.1
pypi
tendenci
12.0.2
pypi
tendenci
12.0.3
pypi
tendenci
12.0.4
pypi
tendenci
12.0.5
pypi
tendenci
12.0.6
pypi
tendenci
12.0.7
1-50 of 750
CVE-2025-70960 | Components Impacted | Sonatype Guide | Sonatype Guide
