MEDIUM 6.1 PyPI
Mezzanine CMS Cross-Site Scripting (XSS) vulnerability
GHSA-2544-hpcq-6g27 · CVE-2025-29573 · PYSEC-2025-136
Published · Modified
Description
Cross-Site Scripting (XSS) vulnerability exists in Mezzanine CMS 6.0.0 in the "View Entries" feature within the Forms module.
References
- ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2025-29573
- WEB https://github.com/pypa/advisory-database/tree/main/vulns/mezzanine/PYSEC-2025-136.yaml
- PACKAGE https://github.com/stephenmcd/mezzanine
- WEB https://www.squadappsec.com/post/cve-2025-29573-persistent-xss-in-mezzanine-cms-6-0-0-via-malicious-filename
Ready to move
Start Securing
Free, no credit card | First findings in minutes