{"id":"CVE-2025-56429","details":"Cross Site Scripting vulnerability in Fearless Geek Media FearlessCMS v.0.0.2-15 allows a remote attacker to obtain sensitive information via the login.php component.","modified":"2026-04-10T05:32:07.260580Z","published":"2025-12-10T19:16:14.027Z","references":[{"type":"REPORT","url":"https://github.com/fearlessgeekmedia/FearlessCMS/issues/36"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/fearlessgeekmedia/fearlesscms","events":[{"introduced":"0"},{"last_affected":"7b766da5516b8304ae757f52b58d0a7166e40fce"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.0.2-15"}]}}],"versions":["0.0.1","0.0.2","0.0.2-1","0.0.2-11","0.0.2-12","0.0.2-13","0.0.2-14","0.0.2-15","0.0.2-2","0.0.2-3","0.0.2-5","0.0.2-6","0.0.2-7","0.0.2-8","0.0.2-9"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-56429.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}