CVE-2026-44175
getkirby · kirby
A Cross-site Scripting vulnerability in the Kirby CMS allows authenticated attackers with low privileges to execute malicious scripts.
Executive summary
Kirby CMS contains a Cross-site Scripting vulnerability that permits authenticated attackers to compromise user sessions or sensitive data.
Vulnerability
This is a Cross-site Scripting (CWE-79) vulnerability where improper input neutralization allows for the injection of scripts. The attack requires an authenticated user with low privileges and relies on user interaction to execute the payload.
Business impact
Successful exploitation can result in the theft of administrative session cookies, unauthorized modification of web content, or the redirection of users to malicious sites. With a CVSS score of 8.5, this vulnerability represents a high risk to user data confidentiality and the overall integrity of the content management platform.
Remediation
Immediate Action: Update the Kirby CMS installation to version 4.9.1 or 5.4.1, depending on the currently deployed major release branch.
Proactive Monitoring: Monitor site traffic for unusual redirect patterns or the presence of unexpected script tags within user-generated content or administrative dashboards.
Compensating Controls: Deploy a Web Application Firewall with robust XSS filtering rules to inspect and sanitize incoming requests for malicious script injection attempts.
Exploitation status
Public Exploit Available: No (exploit_available: false)
Analyst recommendation
Administrators should verify their current version of Kirby and apply the relevant security update immediately. Given the high impact of XSS on CMS platforms, patching is the only reliable method to eliminate the injection vector.