-
CVSS Score
-Basic Information
CVE ID
-
GHSA ID
-
EPSS Score
-
CWE
-
Published
-
Updated
-
KEV Status
-
Technology
-
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AIMiggo AIRoot Cause AnalysisThe vulnerability manifests in the image library's Organizer tags field where user input is reflected without proper sanitization. While exact function names aren't disclosed, the organizer.php entry point and image library panel/modules/plugins/ structure suggest a tag handling function would process() this input. The medium confidence reflects the lack of direct code evidence, but the clear XSS pattern in a specific admin interface field strongly indicates improper input sanitization in the tag persistence/render workflow.
PHPPHP| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| tribalsystems/zenario | composer | <= 9.7.61188 |
Ongoing coverage of React2Shell