Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-59467

Опубликовано: 05 янв. 2026
Источник: nvd
CVSS3: 7.5
EPSS Низкий

Описание

A Cross-Site Scripting (XSS) vulnerability in the UCRM Argentina AFIP invoices Plugin (v1.2.0 and earlier) could allow privilege escalation if an Administrator is tricked into visiting a crafted malicious page.

This plugin is disabled by default.

Affected Products: UCRM Argentina AFIP invoices Plugin (Version 1.2.0 and earlier)

Mitigation: Update UCRM Argentina AFIP invoices Plugin to Version 1.3.0 or later.

Ссылки

EPSS

Процентиль: 14%
0.00045
Низкий

7.5 High

CVSS3

Дефекты

CWE-79

Связанные уязвимости

github логотип

GHSA-436v-ch6r-3qxq

CVSS3: 7.5
github
около 1 месяца назад

A Cross-Site Scripting (XSS) vulnerability in the UCRM Argentina AFIP invoices Plugin (v1.2.0 and earlier) could allow privilege escalation if an Administrator is tricked into visiting a crafted malicious page. This plugin is disabled by default. Affected Products: UCRM Argentina AFIP invoices Plugin (Version 1.2.0 and earlier) Mitigation: Update UCRM Argentina AFIP invoices Plugin to Version 1.3.0 or later.

EPSS

Процентиль: 14%
0.00045
Низкий

7.5 High

CVSS3

Дефекты

CWE-79