PT-2025-6960 · Unknown · Ad Inserter Pro

Trương Hữu Phúc

Publicado

2025-02-16

Atualizado

2025-02-18

CVE-2025-22680

CVSS v3.1

7.1

Alta

Vetor

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions: Ad Inserter Pro versions n/a through 2.7.39

Description: The issue affects NotFound Ad Inserter Pro, allowing Reflected XSS due to improper neutralization of input during web page generation. This is a Cross-site Scripting vulnerability.

Recommendations: For versions n/a through 2.7.39, update to a version later than 2.7.39 to resolve the issue. At the moment, there is no information about additional mitigation measures for this vulnerability.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2025-22680

Produtos afetados

Ad Inserter Pro

PT-2025-6960 · Unknown · Ad Inserter Pro

CVE-2025-22680

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7