| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| tpwd/ke_search | composer | >= 3.0.0, <= 3.1.3 | 3.1.4 |
| tpwd/ke_search | composer | <= 2.8.2 | 2.8.3 |

The vulnerability stems from multiple instances of unescaped output of user-controlled data in HTML contexts. The commit diff shows critical additions of `htmlspecialchars()` and a new `renderIndexingReport` method that sanitizes output. Specifically: