Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

BraveCMS-2.0 — Vulnerabilities & Security Advisories 6

All 6 CVE vulnerabilities found in BraveCMS-2.0, with AI-generated Chinese analysis, references, and POCs.

Vendor: Ajax30

CVE IDTitleCVSSSeverityPublished
CVE-2026-41576 Ajax30/BraveCMS-2.0: Stored HTML Injection in Contact Email via nl2br() and Unescaped Blade Template CWE-79 7.1 High2026-05-08
CVE-2026-41524 Ajax30/BraveCMS-2.0: Stored XSS in Page / Article Content CWE-79 8.7 High2026-05-08
CVE-2026-35183 Brave CMS has an Insecure Direct Object Reference in Article Image Deletion CWE-639 7.1 High2026-04-06
CVE-2026-35182 Missing Authorization Privilege Escalation CWE-862 8.8 High2026-04-06
CVE-2026-35164 Brave CMS Sffected by Unrestricted File Upload via CKEditor Endpoint CWE-434 8.8 High2026-04-06
CVE-2026-35047 Brave CMS has Unrestricted File Upload in BraveCMS via CKEditor Endpoint CWE-434 9.8AICriticalAI2026-04-06

All 6 known CVE vulnerabilities affecting BraveCMS-2.0 with full Chinese analysis, references, and POCs where available.