exploitDog

GHSA-h9pr-pv2g-cx98

Опубликовано: 15 янв. 2026

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

Cross site scripting (XSS) vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute arbitrary code via the notify parameter of the file controller used to display errors.

Cross site scripting (XSS) vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute arbitrary code via the notify parameter of the file controller used to display errors.

Ссылки

EPSS

Процентиль: 12%

0.00039

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2025-67078

CVSS3: 6.1

nvd

23 дня назад

Cross site scripting (XSS) vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute arbitrary code via the notify parameter of the file controller used to display errors.

EPSS

Процентиль: 12%

0.00039

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79