CVE-2026-7011: Cross Site Scripting in MaxSite CMS
A weakness has been identified in MaxSite CMS up to 109.3. Affected by this vulnerability is an unknown functionality of the file /admin/plugin_antispam of the component Antispam Plugin. Executing a manipulation of the argument f_logging_file can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 109.4 addresses this issue. This patch is called 8a3946bd0a54bfb72a4d57179fcd253f2c550cd7. Upgrading the affected component is advised. The vendor was informed early about this issue. They classify it as a "Self-XSS". They deployed a countermeasure: "Nevertheless, we consider this a violation of secure coding standards. The lack of filtering via `htmlspecialchars()` has already been fixed in the latest patch to prevent incorrect data display."
AI Analysis
Technical Summary
This vulnerability affects MaxSite CMS versions 109.0 through 109.3 in the Antispam Plugin component. It involves a cross-site scripting flaw due to lack of proper output encoding on the f_logging_file argument in the /admin/plugin_antispam file. An attacker can remotely manipulate this argument to execute script code in the context of the affected site. The vendor addressed the issue in version 109.4 by applying htmlspecialchars() filtering to sanitize the input and prevent script injection. The vulnerability is categorized under CWE-79 (Improper Neutralization of Input During Web Page Generation) and CWE-94 (Improper Control of Generation of Code).
Potential Impact
Successful exploitation could allow an attacker to execute arbitrary scripts in the context of the affected web application, potentially leading to user interface manipulation or session hijacking. However, the vendor classifies this as a Self-XSS, indicating that exploitation requires user interaction with their own input, which limits the risk. There are no known exploits in the wild, and the CVSS score is medium (4.8).
Mitigation Recommendations
Upgrade MaxSite CMS to version 109.4 or later, where the vulnerability is fixed by applying htmlspecialchars() filtering to the affected parameter. The vendor has deployed this official fix, so upgrading is the recommended remediation. No additional mitigation steps are indicated by the vendor.
CVE-2026-7011: Cross Site Scripting in MaxSite CMS
Description
A weakness has been identified in MaxSite CMS up to 109.3. Affected by this vulnerability is an unknown functionality of the file /admin/plugin_antispam of the component Antispam Plugin. Executing a manipulation of the argument f_logging_file can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 109.4 addresses this issue. This patch is called 8a3946bd0a54bfb72a4d57179fcd253f2c550cd7. Upgrading the affected component is advised. The vendor was informed early about this issue. They classify it as a "Self-XSS". They deployed a countermeasure: "Nevertheless, we consider this a violation of secure coding standards. The lack of filtering via `htmlspecialchars()` has already been fixed in the latest patch to prevent incorrect data display."
CVSS v4.0
Score 4.8medium
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability affects MaxSite CMS versions 109.0 through 109.3 in the Antispam Plugin component. It involves a cross-site scripting flaw due to lack of proper output encoding on the f_logging_file argument in the /admin/plugin_antispam file. An attacker can remotely manipulate this argument to execute script code in the context of the affected site. The vendor addressed the issue in version 109.4 by applying htmlspecialchars() filtering to sanitize the input and prevent script injection. The vulnerability is categorized under CWE-79 (Improper Neutralization of Input During Web Page Generation) and CWE-94 (Improper Control of Generation of Code).
Potential Impact
Successful exploitation could allow an attacker to execute arbitrary scripts in the context of the affected web application, potentially leading to user interface manipulation or session hijacking. However, the vendor classifies this as a Self-XSS, indicating that exploitation requires user interaction with their own input, which limits the risk. There are no known exploits in the wild, and the CVSS score is medium (4.8).
Mitigation Recommendations
Upgrade MaxSite CMS to version 109.4 or later, where the vulnerability is fixed by applying htmlspecialchars() filtering to the affected parameter. The vendor has deployed this official fix, so upgrading is the recommended remediation. No additional mitigation steps are indicated by the vendor.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- VulDB
- Date Reserved
- 2026-04-25T10:13:19.657Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
- Epss Score
- 0.00011
- Epss Percentile
- 0.01371
- Epss Date
- 2026-04-26
- Gcve Source
- db.gcve.eu
Threat ID: 69ed68a087115cfb6872b091
Added to database: 4/26/2026, 1:21:36 AM
Last enriched: 5/3/2026, 7:26:10 AM
Last updated: 6/10/2026, 4:17:53 AM
Views: 84
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.