CVE-2026-7011
Status: Received - Intake
Cross-Site Scripting in MaxSite CMS Antispam Plugin

Publication date: 2026-04-26

Last updated on: 2026-04-29

Assigner: VulDB

Description
A weakness has been identified in MaxSite CMS up to 109.3. Affected by this vulnerability is an unknown functionality of the file /admin/plugin_antispam of the component Antispam Plugin. Manipulation of the argument f_logging_file can lead to cross-site scripting. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 109.4 addresses this issue. The patch is identified as 8a3946bd0a54bfb72a4d57179fcd253f2c550cd7. Upgrading the affected component is advised. The vendor was informed early about this issue. They classify it as a "Self-XSS". They deployed a countermeasure: "Nevertheless, we consider this a violation of secure coding standards. The lack of filtering via `htmlspecialchars()` has already been fixed in the latest patch to prevent incorrect data display."
Meta Information
Published: 2026-04-26
Last Modified: 2026-04-29
Generated: 2026-05-07
AI Q&A: 2026-04-26
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 4 associated CPEs
Vendor Product Version / Range
maxsite maxsite_cms to 109.4 (exc)
maxsite antispam_plugin to 1.3 (exc)
maxsite down_count_plugin to 1.4 (exc)
maxsite guestbook_plugin to 2.1 (exc)
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
CWE-94 The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-7011 is a vulnerability in MaxSite CMS up to version 109.3, specifically in the Antispam Plugin component. It involves improper handling of the argument f_logging_file in the /admin/plugin_antispam file, which can be manipulated to perform a cross-site scripting (XSS) attack. This vulnerability allows an attacker to inject malicious scripts that can be executed in the context of the affected web application.

The vulnerability can be exploited remotely and the exploit code has been publicly disclosed. The issue arises because user input was not properly sanitized using functions like htmlspecialchars(), which was fixed in version 109.4.


How can this vulnerability impact me?

This vulnerability can impact you by allowing attackers to execute malicious scripts in the context of your website or application using MaxSite CMS up to version 109.3. This can lead to unauthorized actions such as session hijacking, defacement, or redirection to malicious sites.

Although the vendor classifies this as a "Self-XSS" and the CVSS scores indicate a low severity, it still violates secure coding standards and can cause incorrect data display or security issues if exploited.

Upgrading to version 109.4 is advised to mitigate this risk by applying proper input sanitization.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability involves a cross-site scripting (XSS) issue in the Antispam Plugin of MaxSite CMS up to version 109.3, specifically related to manipulation of the argument f_logging_file in the /admin/plugin_antispam file.

Detection would typically involve testing the affected parameter for XSS payloads by sending crafted HTTP requests to the /admin/plugin_antispam endpoint and observing if the input is improperly reflected without sanitization.

Since the vulnerability is related to improper escaping of user input, you can use tools like curl or browser-based testing to inject typical XSS payloads such as <script>alert(1)</script> into the f_logging_file parameter and check for execution or reflected output.

Example curl command to test the parameter (replace URL and parameters accordingly):

  curl -k -X POST 'https://your-maxsite-cms-domain/admin/plugin_antispam' -d 'f_logging_file=<script>alert(1)</script>' -v

Monitoring web server logs for suspicious requests containing script tags or unusual input in the f_logging_file parameter can also help detect exploitation attempts.


What immediate steps should I take to mitigate this vulnerability?

The primary mitigation step is to upgrade MaxSite CMS and its plugins to version 109.4 or later, which includes the security patch addressing this vulnerability.

The patch applies proper input sanitization using the htmlspecialchars() function on the affected parameters, preventing cross-site scripting attacks.

Until the upgrade can be applied, consider restricting access to the /admin/plugin_antispam interface to trusted users only, and monitor for suspicious input or activity.

Review and apply any vendor-recommended countermeasures or configuration changes that limit exposure to this vulnerability.
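The fix described above comes down to encoding the value before it is written into the page. The following PHP is an added illustration, not code from MaxSite CMS or from its patch: it places the unescaped "before" pattern beside the htmlspecialchars() "after" pattern for a settings field. Only the parameter name f_logging_file is taken from the advisory; the page fragment, the function names and the sample input are constructed for the example.

```php
<?php
declare(strict_types=1);

// Added illustration (PHP 8.0+ for str_contains), not MaxSite's code.
// Only the parameter name f_logging_file comes from the advisory; the
// page fragment, function names and sample input below are constructed.

// Vulnerable pattern: the submitted filename is echoed back into the
// settings page unchanged, so any markup in the value is parsed by the
// browser of whoever views that page.
function render_unsafe(string $loggingFile): string
{
    return '<p>Logging file: ' . $loggingFile . '</p>';
}

// Hardened pattern: encode &, <, >, " and ' before the value reaches the
// page. ENT_QUOTES covers both quote styles, so the same helper is also
// safe inside attribute values; ENT_SUBSTITUTE replaces invalid UTF-8
// instead of returning an empty string, which would silently drop the
// field from the page.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

function render_safe(string $loggingFile): string
{
    return '<p>Logging file: ' . e($loggingFile) . '</p>';
}

// Constructed sample input: the probe string quoted in the detection Q&A.
$sample = '<script>alert(1)</script>';

$unsafe = render_unsafe($sample);
$safe   = render_safe($sample);

// The unsafe output still carries a live <script> element; the safe
// output contains only the encoded text.
if (!str_contains($unsafe, '<script>')) {
    throw new RuntimeException('expected the unsafe renderer to reflect markup');
}
if (str_contains($safe, '<script>') || !str_contains($safe, '&lt;script&gt;')) {
    throw new RuntimeException('escaping did not neutralize the sample');
}

echo "unsafe: {$unsafe}\n";
echo "safe:   {$safe}\n";
```

Run it with `php example.php`; it prints both renderings and exits non-zero if the escaping check fails. The helper is correct for HTML text nodes and quoted attribute values, which is the context the advisory describes; a value that is instead written into a JavaScript string, a URL or a CSS block needs the encoder for that context, and htmlspecialchars() alone is not sufficient there.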


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The vulnerability in MaxSite CMS allows for cross-site scripting (XSS) attacks due to improper input sanitization in the Antispam Plugin. Such vulnerabilities can lead to unauthorized script execution, potentially exposing user data or session information.

While the CVE description and resources do not explicitly mention compliance with standards like GDPR or HIPAA, XSS vulnerabilities generally pose risks to data integrity and confidentiality, which are critical aspects of these regulations.

Failure to address such vulnerabilities could lead to non-compliance with secure coding and data protection requirements mandated by these standards, as they require protection against unauthorized access and data breaches.

The patch applied in version 109.4, which implements proper input sanitization using htmlspecialchars(), helps mitigate these risks and supports compliance by reducing the likelihood of data exposure through XSS attacks.

