While exact code isn't available, the vulnerability pattern indicates two things: (1) user input from the Undertitle field is stored without proper sanitization, and (2) output rendering lacks contextual escaping. In Symfony/Twig applications, XSS typically occurs in templates that use the `|raw` filter or disable auto-escaping. The medium confidence reflects the lack of direct code evidence, but the described vulnerability strongly matches this common anti-pattern in template rendering.
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| enhavo/enhavo-app | composer | <= 0.13.1 | |