LOW
westboy
CVE published 2026-05-30
CVE-2026-10153
A cross-site scripting (XSS) vulnerability exists in westboy CicadasCMS, affecting the Search function in org/springframework/cache/support/AbstractCacheManager.java. The flaw allows remote attackers to inject malicious scripts via the 's' argument. The vulnerability has a LOW severity CVSS score of 2.1 and has been publicly disclosed with exploit availability noted. The project uses a rolling release mod [truncated]