Vendor
high
advisory
ApostropheCMS Stored XSS Vulnerability in SEO Fields Leads to Data Exposure
2 rules 5 TTPs 1 CVE 2 IOCsA stored cross-site scripting (XSS) vulnerability exists in SEO-related fields (SEO Title and Meta Description) in ApostropheCMS v4.28.0, allowing injection of arbitrary JavaScript into HTML contexts, performing authenticated API requests, and exfiltrating sensitive data, leading to a compromise of application confidentiality.
ApostropheCMS
xss
stored-xss
data-exfiltration
2r
5t
1c
2i
high
advisory
ApostropheCMS Stored XSS Vulnerability in SEO Fields (CVE-2026-35569)
2 rules 2 TTPs 1 CVEA stored XSS vulnerability in ApostropheCMS versions 4.28.0 and prior allows attackers to inject arbitrary JavaScript into SEO-related fields, leading to potential data exfiltration and unauthorized actions.
ApostropheCMS
xss
cve-2026-35569
web-application
2r
2t
1c