CVSS Score
-

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| microweber/microweber | composer | <= 1.0.8 | |
The vulnerability is explicitly tied to the 'keywords' parameter in search.php across all references (Netsparker example URL: /search.php?keywords=...). Reflected XSS occurs when user input is echoed without sanitization. While no specific function name is provided in advisories, the file (search.php) and parameter ('keywords') are consistently identified. In PHP, this typically involves direct use of $_GET['keywords'] in output contexts (e.g., echo, print) without htmlspecialchars() or equivalent escaping, which aligns with the described vulnerability mechanism.
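The pattern described above, shown beside a hardened form. This is an added illustration, not Microweber's actual `search.php`; the function names, the 200-character cap and the sample input are assumptions made for the example.

```php
<?php
declare(strict_types=1);

// Illustrative only: not Microweber's code. All function names are hypothetical.

/** Vulnerable pattern: the request value is concatenated into HTML unescaped. */
function render_search_vulnerable(array $query): string
{
    $keywords = $query['keywords'] ?? '';
    return '<h1>Results for ' . $keywords . '</h1>'
         . '<input type="text" name="keywords" value="' . $keywords . '">';
}

/** Normalise the parameter: refuse array input (keywords[]=...) and cap length. */
function read_keywords(array $query, int $maxLen = 200): string
{
    $raw = $query['keywords'] ?? '';
    if (!is_string($raw)) {
        return '';
    }
    return mb_substr($raw, 0, $maxLen, 'UTF-8');
}

/** Escape for HTML text and quoted-attribute contexts. */
function e(string $value): string
{
    // ENT_QUOTES covers both quote styles; ENT_SUBSTITUTE replaces invalid UTF-8
    // instead of returning an empty string.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Hardened form: every output context gets the encoding it needs. */
function render_search_hardened(array $query): string
{
    $keywords = read_keywords($query);
    return '<h1>Results for ' . e($keywords) . '</h1>'
         . '<input type="text" name="keywords" value="' . e($keywords) . '">'
         // URL context: percent-encode first, then HTML-escape the attribute value.
         . '<a href="/search.php?keywords=' . e(rawurlencode($keywords)) . '">Permalink</a>';
}

// Constructed sample input standing in for $_GET; harmless markup that still
// shows the attribute breakout in the unescaped version.
$sample = ['keywords' => '"><b>bold</b>'];
echo render_search_vulnerable($sample), "\n";
echo render_search_hardened($sample), "\n";
```

The hardened version assumes the page is served as UTF-8 and that the mbstring extension is available for `mb_substr()`.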