Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

CVE-2026-55793— Craft CMS: Stored XSS via Structure entry title in table view

AI Predicted 6.5 Difficulty: Easy EPSS 0.41% · P33

Affected Version Matrix 1

VendorProductVersion RangeStatus
craftcmscms>= 5.0.0-RC1, < 5.9.23affected
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-55793

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Craft CMS: Stored XSS via Structure entry title in table view
Source: NVD (National Vulnerability Database)
Vulnerability Description
Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.22, an author-level control panel user can store a malicious JavaScript payload in an entry title. When an admin, or any control panel user with saveEntries for the same Structure section, drags another entry under the poisoned entry in table view, the payload executes in the victim’s session. The issue is exploitable because the title is escaped into data-title by the server, decoded again by the browser, read with jQuery .data('title'), and then concatenated into a new HTML string without attribute escaping. To exploit, an attacker must have an existing control panel account (Author role minimum), the victim must perform a drag operation (not just visit the page), and the victim’s session needs to be elevated at trigger time. This issue has been fixed in version 5.9.23.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Source: NVD (National Vulnerability Database)
Vulnerability Title
CraftCMS cms 跨站脚本漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
CraftCMS cms是CraftCMS的内容管理系统。 CraftCMS cms存在跨站脚本漏洞,该漏洞源于条目标题清理与转义不当,可能导致作者级别的控制面板用户在条目标题中存储恶意JavaScript有效载荷,当管理员或其他用户拖动条目标题时触发执行。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
craftcmscms >= 5.0.0-RC1, < 5.9.23 -

II. Public POCs for CVE-2026-55793

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-55793

登录查看更多情报信息。

Patches & Fixes for CVE-2026-55793 (1)

Vendor Advisories for CVE-2026-55793 (1)

Same Patch Batch · craftcms · 2026-07-01 · 9 CVEs total

CVE-2026-50284Craft CMS: Missing peer-permission check in `AssetsController::actionDeleteFolder` allows
CVE-2026-50280Craft CMS: Authorization bypass in `entries/move-to-section` via missing target-section sa
CVE-2026-50279Craft CMS: Authorship spoofing in `entries/save-entry` via pre-check/post-mutation authori
CVE-2026-50283Craft CMS: Unauthorized Deletion of Source Assets During File Replacement
CVE-2026-55790Craft CMS: DOM XSS via GitHub issue title in CraftSupport widget
CVE-2026-55792Craft CMS: Sensitive File Disclosure / Server-Side File Read
CVE-2026-55791Craft CMS: Blind SSRF and Arbitrary JavaScript Injection via Host Header Poisoning in acti
CVE-2026-55794Craft CMS: Potential authenticated Remote Code Execution via referrer redirect

IV. Related Vulnerabilities

V. Comments for CVE-2026-55793

No comments yet


Leave a comment