6.1 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
44.9%
TadTools special page parameter does not properly restrict the input of specific characters, thus remote attackers can inject JavaScript syntax without logging in, and further perform reflective XSS attacks.
www.twcert.org.tw/tw/cp-132-5169-327ef-1.html