Количество 2
Количество 2
CVE-2025-70792
Cross Site Scripting vulnerability in the "/admin/category/create" endpoint of Microweber 2.0.19. An attacker can manipulate the "rel_id" parameter in a crafted URL and lure a user with admin privileges into visiting it, achieving JavaScript code execution in the victim's browser. The issue was reported to the developers and fixed in version 2.0.20.
GHSA-6w5w-jx4x-vjvw
Microweber Cross-site Scripting vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-70792 Cross Site Scripting vulnerability in the "/admin/category/create" endpoint of Microweber 2.0.19. An attacker can manipulate the "rel_id" parameter in a crafted URL and lure a user with admin privileges into visiting it, achieving JavaScript code execution in the victim's browser. The issue was reported to the developers and fixed in version 2.0.20. | CVSS3: 6.1 | 0% Низкий | 3 дня назад |
| GHSA-6w5w-jx4x-vjvw Microweber Cross-site Scripting vulnerability | CVSS3: 6.1 | 0% Низкий | 3 дня назад |
Уязвимостей на страницу