Submit #802041: Bludit CMS 3.20.0 Cross Site Scripting
| Title | Bludit CMS 3.20.0 Cross Site Scripting |
|---|---|
| Description | A reflected Cross-Site Scripting (XSS) vulnerability was identified in Bludit CMS via the search functionality when the search plugin was enabled. User-supplied input in the search parameter was reflected in the response without proper sanitization or encoding. This allowed arbitrary JavaScript execution in the victim’s browser. An attacker could exploit this to steal session data, perform phishing, or manipulate page content. Successful exploitation may lead to account takeover in privileged contexts. |
| Source | ⚠️ https:/ |
| User | thepiyushkumarshukla (UID 94321) |
| Submission | 04/10/2026 12:04 (3 months ago) |
| Moderation | 04/25/2026 21:26 (15 days later) |
| Status | Duplicate |
| VulDB entry | 358564 [Bludit up to 3.20 URL cross site scripting] |
| Points | 0 |