5.9 Medium
AI Score
Confidence
High
0.032 Low
EPSS
Percentile
91.2%
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Flogr 2.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO or (2) an arbitrary parameter.