Количество 3
Количество 3
CVE-2025-28074
phpList before 3.6.15 is vulnerable to Cross-Site Scripting (XSS) due to improper input sanitization in lt.php. The vulnerability is exploitable when the application dynamically references internal paths and processes untrusted input without escaping, allowing an attacker to inject malicious JavaScript.
CVE-2025-28074
phpList before 3.6.15 is vulnerable to Cross-Site Scripting (XSS) due ...
GHSA-9vv2-f3c8-m9x6
phpList prior to 3.6.3 is vulnerable to Cross-Site Scripting (XSS) due to improper input sanitization in lt.php. The vulnerability is exploitable when the application dynamically references internal paths and processes untrusted input without escaping, allowing an attacker to inject malicious JavaScript.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-28074 phpList before 3.6.15 is vulnerable to Cross-Site Scripting (XSS) due to improper input sanitization in lt.php. The vulnerability is exploitable when the application dynamically references internal paths and processes untrusted input without escaping, allowing an attacker to inject malicious JavaScript. | CVSS3: 6.1 | 0% Низкий | 9 месяцев назад |
| CVE-2025-28074 phpList before 3.6.15 is vulnerable to Cross-Site Scripting (XSS) due ... | CVSS3: 6.1 | 0% Низкий | 9 месяцев назад |
| GHSA-9vv2-f3c8-m9x6 phpList prior to 3.6.3 is vulnerable to Cross-Site Scripting (XSS) due to improper input sanitization in lt.php. The vulnerability is exploitable when the application dynamically references internal paths and processes untrusted input without escaping, allowing an attacker to inject malicious JavaScript. | CVSS3: 6.1 | 0% Низкий | 9 месяцев назад |
Уязвимостей на страницу