GHSA-2544-hpcq-6g27MediumCVSS 6.1
Mezzanine CMS Cross-Site Scripting (XSS) vulnerability
🔗 CVE IDs covered (1)
📋 Description
Cross-Site Scripting (XSS) vulnerability exists in Mezzanine CMS 6.0.0 in the "View Entries" feature within the Forms module.
🎯 Affected products1
- pip/Mezzanine:<= 6.0.0
🔗 References (5)
- https://nvd.nist.gov/vuln/detail/CVE-2025-29573
- https://github.com/stephenmcd/mezzanine
- https://www.squadappsec.com/post/cve-2025-29573-persistent-xss-in-mezzanine-cms-6-0-0-via-malicious-filename
- https://github.com/pypa/advisory-database/tree/main/vulns/mezzanine/PYSEC-2025-136.yaml
- https://github.com/advisories/GHSA-2544-hpcq-6g27