CVE-2025-52161
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk31th percentile - higher than 31% of all known CVEs
Summary
A cross-site scripting (XSS) vulnerability was discovered in Scholl Communications AG Weblication CMS Core version v019.004.000.000. It allows injection of malicious JavaScript code into CMS-generated pages.
Risk Assessment
An attacker can exploit this vulnerability to steal user sessions, capture authentication credentials, or conduct phishing attacks against administrators and content editors.
Recommendation
Immediately update Weblication CMS Core to the latest available version that fixes this vulnerability. Until the update is applied, implement input validation and output encoding in the application.
Original NVD description (English source)
Scholl Communications AG Weblication CMS Core v019.004.000.000 was discovered to contain a cross-site scripting (XSS) vulnerability.

