← Back

CVE-2025-13181

nvd nist
Published: Nov 14, 2025Modified: Jun 17, 2026

JSON object

Loading...
2.0
Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Show more
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less
Source: CNA (Secondary)

Description

A vulnerability was determined in pojoin h3blog 1.0. The affected element is an unknown function of the file /admin/cms/material/add. Executing a manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized.

Affected (1)

Products: H3blog: H3blog
1 product
H3blog
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Version 1.0.0

References (5)

Source: cna@vuldb.com
ExploitThird Party Advisory
Source: cna@vuldb.com
Permissions RequiredVDB Entry
Source: cna@vuldb.com
Third Party AdvisoryVDB Entry
Source: cna@vuldb.com
Third Party AdvisoryVDB Entry

Timeline

No history available yet.