Описание
DobryCMS in versions 2.* and lower is vulnerable to Reflected Cross-Site Scripting (XSS). Improper input validation in szukaj parameter allows arbitrary JavaScript to be executed on victim's browser when specially crafted URL is opened.
A hotfix for affected versions was released on 29.04.2025. It removes the vulnerability without incrementing the version.
EPSS
Процентиль: 23%
0.00075
Низкий
Дефекты
CWE-79
Связанные уязвимости
github
9 месяцев назад
DobryCMS in versions 2.* and lower is vulnerable to Reflected Cross-Site Scripting (XSS). Improper input validation in szukaj parameter allows arbitrary JavaScript to be executed on victim's browser when specially crafted URL is opened. A hotfix for affected versions was released on 29.04.2025. It removes the vulnerability without incrementing the version.
EPSS
Процентиль: 23%
0.00075
Низкий
Дефекты
CWE-79