Approved changes feed: RSS · Atom

cpe:2.3:a:totaljs:content_management_system:*:*:*:*:*:node.js:*:*

part: a version: * update: *

VendorTotaljs (c2c15978-184c-5682-8600-bc2601bf8f6a)
ProductContent Management System (41278cb8-3bac-55c6-acc0-74569d283581)
Edition*
Language*
Software edition*
Target softwarenode.js
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:github/totaljs/cms purl2cpe 2026-06-01 10:16:59.888208

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2022-26565 vulnerable 2026-06-08 05:41:52.499122 Details available
A cross-site scripting (XSS) vulnerability in Totaljs all versions before commit 95f54a5commit, allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Page Name text field when creating a new page.
Published: 2022-04-01T21:24:11.000Z
Updated: 2024-08-03T05:03:32.792Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.