CVE-2025-44115

Source
https://cve.org/CVERecord?id=CVE-2025-44115
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-44115.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-44115
Published
2025-06-02T16:15:29.593Z
Modified
2026-04-10T05:26:47.512898Z
Severity
  • 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

A vulnerability has been found in Cotonti Siena v0.9.25. Affected by this vulnerability is the file /admin.php?m=config&n=edit&o=core&p=title. The manipulation of the value of title leads to cross-site scripting.

References

Affected packages

Git / github.com/cotonti/cotonti

Affected ranges

Type
GIT
Repo
https://github.com/cotonti/cotonti
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Database specific
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "0.9.25"
        }
    ]
}

Affected versions

0.*
0.9.12
0.9.12.1
0.9.13
0.9.14
0.9.15
0.9.16
0.9.16.1
0.9.16.2
0.9.17
0.9.18
0.9.18.1
0.9.19
0.9.19-RC.1
0.9.19-rc1
0.9.20
0.9.20.1
0.9.21
0.9.22
0.9.23
0.9.24
0.9.24.1
0.9.24.2
0.9.25
cotonti-0.*
cotonti-0.9.10
cotonti-0.9.11
cotonti-0.9.11.1
cotonti-0.9.3
cotonti-0.9.6
cotonti-0.9.7
cotonti-0.9.8

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-44115.json"