Platform
php
Component
editor_markitup
Fixed versions
109.0.1
109.1.1
CVE-2026-3395 describes a code injection vulnerability discovered in MaxSite CMS, specifically within the MarkItUp component's Preview AJAX Endpoint. This flaw allows attackers to potentially execute arbitrary code on vulnerable systems. The vulnerability impacts versions 109.0 through 109.1 of MaxSite CMS, and a fix is available in version 109.2.
Successful exploitation of CVE-2026-3395 allows an attacker to inject and execute arbitrary code on the server hosting the MaxSite CMS instance. This could lead to complete system compromise, including data theft, modification, or deletion. The attacker could gain control of the CMS administrative interface, allowing them to deface the website, install malicious plugins, or redirect users to phishing sites. Given the remote accessibility of the vulnerability and the availability of a public exploit, the potential impact is significant.
CVE-2026-3395 is considered a high-risk vulnerability due to the availability of a public exploit. While no active campaigns have been publicly confirmed, the ease of exploitation increases the likelihood of malicious actors targeting vulnerable systems. The vulnerability was disclosed on 2026-03-01, and a patch was released shortly thereafter. It is listed on the NVD and CISA advisories.
Websites and applications using MaxSite CMS versions 109.0 through 109.1 are at risk. Shared hosting environments utilizing MaxSite CMS are particularly vulnerable, as a compromised plugin on one site could potentially impact other sites on the same server. Administrators who haven't implemented robust input validation for the MarkItUp editor are also at increased risk.
• linux / server:
journalctl -u php-fpm -f | grep 'application/maxsite/admin/plugins/editor_markitup/preview-ajax.php'
• generic web:
curl -I https://your-website.com/application/maxsite/admin/plugins/editor_markitup/preview-ajax.php | grep -i 'server'
• php:
Check for the presence of the file application/maxsite/admin/plugins/editor_markitup/preview-ajax.php and examine its contents for suspicious code or eval statements.
disclosure
patch
Exploitation status
EPSS
0.05% (15th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2026-3395 is to immediately upgrade MaxSite CMS to version 109.2 or later. If upgrading is not immediately feasible, consider implementing temporary workarounds such as restricting access to the application/maxsite/admin/plugins/editor_markitup/preview-ajax.php endpoint using a web application firewall (WAF) or proxy server. Carefully review and sanitize all user inputs to the MarkItUp editor to prevent malicious code from being injected. Monitor server logs for any suspicious activity related to the affected endpoint.
Update MaxSite CMS to version 109.2 or later. This update fixes the code injection vulnerability in the MarkItUp plugin. The update is available on the official MaxSite CMS website.
CVE-2026-3395 is a code injection vulnerability in the MarkItUp Preview AJAX Endpoint of MaxSite CMS versions 109.0 through 109.1, allowing attackers to execute arbitrary code.
If you are using MaxSite CMS versions 109.0 or 109.1, you are potentially affected by this vulnerability. Upgrade to version 109.2 to mitigate the risk.
The recommended fix is to upgrade MaxSite CMS to version 109.2 or later. As a temporary workaround, restrict access to the vulnerable endpoint using a WAF or proxy.
While no active campaigns have been confirmed, a public exploit exists, increasing the likelihood of exploitation.
Refer to the MaxSite CMS security advisories for the latest information and updates regarding CVE-2026-3395.