CVE-2026-38947 - Vulnerability Details

FluentCMS 1.2.3 is vulnerable to Cross Site Scripting (XSS) in TextHTML plugin.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products

References

Link	Providers
https://github.com/fluentcms/FluentCMS/issues/2405

History

Tue, 05 May 2026 21:45:00 +0000

Type	Values Removed	Values Added
Title		Cross Site Scripting Vulnerability in FluentCMS TextHTML Plugin
Weaknesses		CWE-79

Tue, 05 May 2026 20:00:00 +0000

Type	Values Removed	Values Added
Description		FluentCMS 1.2.3 is vulnerable to Cross Site Scripting (XSS) in TextHTML plugin.
References		https://github.com/fluentcms/FluentCMS/issues/2405

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2026-05-05T00:00:00.000Z

Updated: 2026-05-05T19:45:31.975Z

Reserved: 2026-04-06T00:00:00.000Z

Link: CVE-2026-38947

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2026-05-05T20:16:38.513

Modified: 2026-05-05T20:24:04.853

Link: CVE-2026-38947

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-05T21:30:05Z

Metrics