Описание
Koillection Cross Site Scripting vulnerability
Cross Site Scripting vulnerability in Koillection v.1.6.10 allows a remote attacker to escalate privileges via the collection, Wishlist and album components
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-29746
- https://github.com/benjaminjonard/koillection/issues/1329
- https://gist.github.com/unklerunkle/73e2ab58d1a5b9129be5de55765ea4fe
- https://github.com/benjaminjonard/koillection/releases/tag/1.6.11
- https://github.com/benjaminjonard/koillection/releases/tag/1.6.12
Пакеты
Наименование
koillection/koillection
composer
Затронутые версииВерсия исправления
< 1.6.12
1.6.12
Связанные уязвимости
CVSS3: 6.1
nvd
9 месяцев назад
Cross Site Scripting vulnerability in Koillection v.1.6.10 allows a remote attacker to escalate privileges via the collection, Wishlist and album components