PatchSiren

Juzaweb CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM Juzaweb CVE published 2026-05-06

CVE-2026-36358

A Cross Site Scripting vulnerability was reported in Juzaweb CMS version 5.0.0. The vulnerability allows a remote attacker to execute arbitrary code via a crafted script to the Add Banner Ads function. This vulnerability has significant implications for the security of Juzaweb CMS deployments, as it could allow attackers to inject malicious scripts into web pages viewed by other users. The vulnerability h [truncated]