The provided vulnerability reports and references do not include specific code snippets, commit diffs, or file paths that would allow precise identification of vulnerable functions. While the XSS vulnerability clearly exists in the handling of 'Minimum deposit', 'Maximum deposit', and 'Maximum balance' fields in the /panel/configuration/financial/ endpoint, the lack of accessible source code or patch details makes it impossible to determine the exact PHP functions responsible for input validation, data storage, or output rendering. The root cause likely involves missing output encoding in template rendering or insufficient input sanitization in configuration handlers, but without concrete code evidence, high-confidence function identification is not feasible.

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| intelliants/subrion | composer | <= 4.2.1 | |