-
CVSS Score
-Basic Information
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AI| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| redaxo/source | composer | <= 5.15.1 |
Miggo AIRoot Cause AnalysisThe exploit demonstrates that user input from the module's Output field is executed as PHP code when the template is rendered. This indicates improper handling of user-controlled input in the template generation process within modules.modules.php, directly enabling code injection (CWE-94). The file path and attack pattern match the vulnerability description and PoC steps.
Ongoing coverage of React2Shell