CVSS Score: -

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| apache-solr-for-typo3/solr | composer | < 2.8.3 | 2.8.3 |

The patches show two distinct XSS vectors: 1) facet option rendering, where output lacked HTML escaping, and 2) form parameter persistence, where user input was embedded in HTML without sanitization. Both functions directly handle user-controllable data and were modified to add security controls (`htmlspecialchars` and XSS cleaning). The pre-patch versions of these functions would appear in profiler output when processing malicious payloads.