5.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
34.6%
The smarty_self function in modules/module_smarty.php in PivotX 2.3.11 mishandles the URI, allowing XSS via vectors involving quotes in the self Smarty tag.
sourceforge.net/p/pivot-weblog/code/4487/