Description
The web application does not filter user-controlled input for executable script disguised using doubling of the involved characters.
CVE vulnerabilities with CWE-85 (2)
6.4
CVSS
MEDIUM
CVE-2024-13721
pub. 2025-01-25
5.4
CVSS
MEDIUM
CVE-2022-41676
pub. 2022-11-29