CVE Catalog

CVE-2026-36521

MediumCVSS 6.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.15%

4th percentile — higher than 4% of all known CVEs

Summary

PublicCMS V5.202506.d has a Cross Site Scripting (XSS) vulnerability in the site configuration management module.

Risk Assessment

Exploitation of this vulnerability may lead to session hijacking and data theft.

Recommendation

It is recommended to update to the latest version of PublicCMS to mitigate this vulnerability.

Original NVD description (English source)

PublicCMS V5.202506.d has a Cross Site Scripting (XSS) vulnerability in the site configuration management module.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS