PT-2026-21612 · Unknown · Horilla-Opensource Horilla
Alexperrakis
·
Publicado
2026-02-24
·
Atualizado
2026-02-24
·
CVE-2026-3050
CVSS v3.1
5.4
Média
| Vetor | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
horilla-opensource horilla versions up to 1.0.2
Description
A security issue exists in horilla-opensource horilla, specifically within the Leads Module. The manipulation of the
Notes argument in an unknown function of the file static/assets/js/global.js can lead to cross-site scripting (XSS). This attack can be carried out remotely. The exploit has been published.Recommendations
Upgrade to version 1.0.3 to address this issue.
Exploit
Correção
XSS
Code Injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Horilla-Opensource Horilla