Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-cwgj-rxvh-p9wp

Опубликовано: 22 янв. 2026
Источник: github
Github: Не прошло ревью
CVSS3: 7.2

Описание

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Craft craftcoffee allows DOM-Based XSS.This issue affects Craft: from n/a through <= 2.3.6.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Craft craftcoffee allows DOM-Based XSS.This issue affects Craft: from n/a through <= 2.3.6.

Ссылки

EPSS

Процентиль: 10%
0.00036
Низкий

7.2 High

CVSS3

CVE ID

CVE-2025-68538

Дефекты

CWE-79

Связанные уязвимости

nvd логотип

CVE-2025-68538

CVSS3: 7.1
nvd
16 дней назад

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Craft craftcoffee allows DOM-Based XSS.This issue affects Craft: from n/a through <= 2.3.6.

EPSS

Процентиль: 10%
0.00036
Низкий

7.2 High

CVSS3

CVE ID

CVE-2025-68538

Дефекты

CWE-79