CVE-2026-7011
Received Received - Intake
Cross-Site Scripting in MaxSite CMS Antispam Plugin

Publication date: 2026-04-26

Last updated on: 2026-04-29

Assigner: VulDB

Description
A weakness has been identified in MaxSite CMS up to 109.3. Affected by this vulnerability is an unknown functionality of the file /admin/plugin_antispam of the component Antispam Plugin. Executing a manipulation of the argument f_logging_file can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 109.4 addresses this issue. This patch is called 8a3946bd0a54bfb72a4d57179fcd253f2c550cd7. Upgrading the affected component is advised. The vendor was informed early about this issue. They classify it as a "Self-XSS". They deployed a countermeasure: "Nevertheless, we consider this a violation of secure coding standards. The lack of filtering via `htmlspecialchars()` has already been fixed in the latest patch to prevent incorrect data display."
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-26
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2026-04-26
EPSS Evaluated
2026-06-15
NVD
CVE-2026-7011
EUVD
EUVD-2026-25685
Affected Vendors & Products
Showing 4 associated CPEs
Vendor Product Version / Range
maxsite maxsite_cms to 109.4 (exc)
maxsite antispam_plugin to 1.3 (exc)
maxsite down_count_plugin to 1.4 (exc)
maxsite guestbook_plugin to 2.1 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
CWE-94 The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-7011 is a vulnerability in MaxSite CMS up to version 109.3, specifically in the Antispam Plugin component. It involves improper handling of the argument f_logging_file in the /admin/plugin_antispam file, which can be manipulated to perform a cross-site scripting (XSS) attack. This vulnerability allows an attacker to inject malicious scripts that can be executed in the context of the affected web application.

The vulnerability can be exploited remotely and the exploit code has been publicly disclosed. The issue arises because user input was not properly sanitized using functions like htmlspecialchars(), which was fixed in version 109.4.

Impact Analysis

This vulnerability can impact you by allowing attackers to execute malicious scripts in the context of your website or application using MaxSite CMS up to version 109.3. This can lead to unauthorized actions such as session hijacking, defacement, or redirection to malicious sites.

Although the vendor classifies this as a "Self-XSS" and the CVSS scores indicate a low severity, it still violates secure coding standards and can cause incorrect data display or security issues if exploited.

Upgrading to version 109.4 is advised to mitigate this risk by applying proper input sanitization.

Detection Guidance

This vulnerability involves a cross-site scripting (XSS) issue in the Antispam Plugin of MaxSite CMS up to version 109.3, specifically related to manipulation of the argument f_logging_file in the /admin/plugin_antispam file.

Detection would typically involve testing the affected parameter for XSS payloads by sending crafted HTTP requests to the /admin/plugin_antispam endpoint and observing if the input is improperly reflected without sanitization.

Since the vulnerability is related to improper escaping of user input, you can use tools like curl or browser-based testing to inject typical XSS payloads such as <script>alert(1)</script> into the f_logging_file parameter and check for execution or reflected output.

  • Example curl command to test the parameter (replace URL and parameters accordingly):
  • curl -k -X POST 'https://your-maxsite-cms-domain/admin/plugin_antispam' -d 'f_logging_file=<script>alert(1)</script>' -v

Monitoring web server logs for suspicious requests containing script tags or unusual input in the f_logging_file parameter can also help detect exploitation attempts.

Mitigation Strategies

The primary mitigation step is to upgrade MaxSite CMS and its plugins to version 109.4 or later, which includes the security patch addressing this vulnerability.

The patch applies proper input sanitization using the htmlspecialchars() function on the affected parameters, preventing cross-site scripting attacks.

Until the upgrade can be applied, consider restricting access to the /admin/plugin_antispam interface to trusted users only, and monitor for suspicious input or activity.

Review and apply any vendor-recommended countermeasures or configuration changes that limit exposure to this vulnerability.

Compliance Impact

The vulnerability in MaxSite CMS allows for cross-site scripting (XSS) attacks due to improper input sanitization in the Antispam Plugin. Such vulnerabilities can lead to unauthorized script execution, potentially exposing user data or session information.

While the CVE description and resources do not explicitly mention compliance with standards like GDPR or HIPAA, XSS vulnerabilities generally pose risks to data integrity and confidentiality, which are critical aspects of these regulations.

Failure to address such vulnerabilities could lead to non-compliance with secure coding and data protection requirements mandated by these standards, as they require protection against unauthorized access and data breaches.

The patch applied in version 109.4, which implements proper input sanitization using htmlspecialchars(), helps mitigate these risks and supports compliance by reducing the likelihood of data exposure through XSS attacks.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-7011. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart