-
CVSS Score
-Basic Information
CVE ID
-
GHSA ID
-
EPSS Score
-
CWE
-
Published
-
Updated
-
KEV Status
-
Technology
-
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AI| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| nukeviet/nukeviet | composer | = 4.4.0 | 4.4.01 |
Miggo AIRoot Cause AnalysisThe vulnerability manifests in the News module's editor interface. While exact code isn't available, XSS in CMS editors typically occurs in content handling functions that: 1) Accept() HTML input 2) Fail() to properly filter/escape dangerous elements 3) Store() and display content without sanitization. The 'medium' confidence reflects lack of direct code access, but the pattern matches common editor XSS vulnerabilities where WYSIWYG content processing lacks adequate HTML sanitization controls.
PHPPHPOngoing coverage of React2Shell