Vulnerability in N/a

CVE-2022-46889

A persistent cross-site scripting (XSS) vulnerability in NexusPHP before 1.7.33 allows remote authenticated attackers to permanently inject arbitrary web script or HTML via the title parameter used in /subtitles.php.

EPSS: 0.601 (99.0th percentile) — read the EPSS interpretation.

Affected products

  • N/a — versions n/a

References