← volver
CVE-2026-50745

CVE-2026-50745

CVSS 4.7 MEDIUMEPSS 0.2%CWE-79
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 4.7EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
26 jun 2026Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A missing sanitisation vulnerability exists with user input in the stats-video.php script. The way URLs to this script were constructed did not follow best practices, and the output of the Smarty custom helper function url was neither properly encoded nor sanitised, allowing user‑supplied input to be reflected without escaping.
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
Productos afectados
Revive · Adserver