CVE-2025-11306 | qianfox FoxCMS up to 1.2 Search Page /index.php/Search keyword cross site scripting

A vulnerability was found in qianfox FoxCMS up to 1.2. It has been declared as problematic. This affects an unknown part of the file /index.php/Search of the component Search Page. The manipulation of the argument keyword results in cross site scripting.

This vulnerability is identified as CVE-2025-11306. The attack can be executed remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More