exploitDog

GHSA-848h-rrwq-hgjw

Опубликовано: 04 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 6.9

Описание

Loaded Commerce 6.6 contains a client-side template injection vulnerability that allows unauthenticated attackers to execute code on the server via the search parameter.

Loaded Commerce 6.6 contains a client-side template injection vulnerability that allows unauthenticated attackers to execute code on the server via the search parameter.

Ссылки

EPSS

Процентиль: 45%

0.00226

Низкий

6.9 Medium

CVSS4

CVE ID

Дефекты

CWE-78

Связанные уязвимости

CVE-2025-66572

nvd

2 месяца назад

Loaded Commerce 6.6 contains a client-side template injection vulnerability that allows unauthenticated attackers to execute code on the server via the search parameter.

EPSS

Процентиль: 45%

0.00226

Низкий

6.9 Medium

CVSS4

CVE ID

Дефекты

CWE-78