exploitDog

CVE-2025-52179

Опубликовано: 30 окт. 2025

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in Zucchetti Ad Hoc Revolution 4.1 and earlier allows remote unauthenticated attackers to inject arbitrary JavaScript via the pHtmlSource parameter of the /ahrw/jsp/gsfr_feditorHTML.jsp endpoint.

Ссылки

EPSS

Процентиль: 17%

0.00055

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-4fq3-g7gg-vxwr

CVSS3: 6.1

github

3 месяца назад

Cross-site scripting (XSS) vulnerability in Zucchetti Ad Hoc Revolution 4.1 and earlier allows remote unauthenticated attackers to inject arbitrary JavaScript via the pHtmlSource parameter of the /ahrw/jsp/gsfr_feditorHTML.jsp endpoint.

EPSS

Процентиль: 17%

0.00055

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79