Ai Cms Grapesjs
Approved changes feed: RSS · Atom
cpe:2.3:a:aimeos:ai-cms-grapesjs:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Aimeos (b4d165b0-ea44-5b6c-9214-9c2f903ffab7) |
|---|---|
| Product | Ai Cms Grapesjs (31f1c4f7-b6fc-5db7-9881-62ac516a1285) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-66468 |
vulnerable | 2026-06-08 07:41:18.989855 |
Aimeos GrapesJS CMS extension possible stores XSS exploitable by authenticated editors
HIGH (7.7)
The Aimeos GrapesJS CMS extension provides page editor for creating content pages based on extensible components. Prior to 2021.10.8, 2022.10.8, 2023.10.8, 2024.10.8, and 2025.10.8, Javascript code can be injected by malicious editors for a stored XSS attack if the standard Content Security Policy is disabled. This vulnerability is fixed in 2021.10.8, 2022.10.8, 2023.10.8, 2024.10.8, and 2025.10.8.
Published: 2025-12-02T18:40:44.081Z
Updated: 2025-12-02T19:25:50.350Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.