CVE-2025-46041 is a stored cross-site scripting (XSS) vulnerability identified in Anchor CMS version 0.12.7. The vulnerability arises from insufficient input sanitization in the page description field within the page creation interface (/admin/pages/add). An attacker with at least limited privileges (PR:L) and requiring user interaction (UI:R) can inject malicious JavaScript code into this field. Because the vulnerability is stored, the malicious script persists in the CMS database and is executed whenever an authorized user views the affected page, potentially leading to session hijacking, privilege escalation, or unauthorized actions within the CMS. The CVSS v3.1 base score is 5.4 (medium severity), reflecting that the attack vector is network-based (AV:N), with low attack complexity (AC:L), but requiring privileges and user interaction. The vulnerability impacts confidentiality and integrity but does not affect availability. No known public exploits or patches are currently available, and the vulnerability was published in June 2025. The weakness corresponds to CWE-79, a common web application security flaw related to improper neutralization of input leading to XSS.

For European organizations using Anchor CMS 0.12.7, this vulnerability poses a moderate risk. Attackers who gain limited access to the CMS backend could inject malicious scripts that execute in the browsers of other users, including administrators. This can lead to theft of authentication tokens, unauthorized content modification, or further compromise of the CMS environment. Given that many European companies rely on CMS platforms for web presence and content management, exploitation could result in reputational damage, data leakage, and potential compliance violations under GDPR if personal data is exposed. The requirement for user interaction and privileges limits the attack scope but does not eliminate risk, especially in environments with multiple CMS users or weak internal access controls. The lack of a patch increases exposure time, emphasizing the need for proactive mitigation.

European organizations should immediately audit their Anchor CMS installations to identify version 0.12.7 usage. Until an official patch is released, implement strict input validation and output encoding on the page description field to neutralize malicious scripts. Employ Content Security Policy (CSP) headers to restrict script execution sources and reduce XSS impact. Limit CMS user privileges to the minimum necessary and enforce strong authentication mechanisms to reduce the risk of privilege abuse. Monitor CMS logs for unusual activity indicative of attempted XSS exploitation. Additionally, educate CMS users about the risks of interacting with untrusted content and consider isolating the CMS administration interface behind VPNs or IP whitelisting to reduce exposure. Regularly check for vendor updates and apply patches promptly once available.