Submit #802041: Bludit CMS 3.20.0 Cross Site Scriptinginfo

TitleBludit CMS 3.20.0 Cross Site Scripting
DescriptionA reflected Cross-Site Scripting (XSS) vulnerability was identified in Bludit CMS via the search functionality when the search plugin was enabled. User-supplied input in the search parameter was reflected in the response without proper sanitization or encoding. This allowed arbitrary JavaScript execution in the victim’s browser. An attacker could exploit this to steal session data, perform phishing, or manipulate page content. Successful exploitation may lead to account takeover in privileged contexts.
Source⚠️ https://gist.github.com/thepiyushkumarshukla/36b213cdb3c7d603e23fd23605cd681e
User
 thepiyushkumarshukla (UID 94321)
Submission04/10/2026 12:04 (3 months ago)
Moderation04/25/2026 21:26 (15 days later)
StatusDuplicate
VulDB entry358564 [Bludit up to 3.20 URL cross site scripting]
Points0

Do you know our Splunk app?

Download it now for free!