Vulnerability in N/a
CVE-2026-30578
File Thinghie 2.5.7 is vulnerable to Cross Site Scripting (XSS). A malicious user can leverage the "dir" parameter of the GET request to invoke arbitrary javascript code.
EPSS: 0.000 (14.2th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a