CVE-2025-41027
GDTaller is affected by CVE-2025-41027 for a Reflected XSS vulnerability. The issue allows an attacker to execute JavaScript in the victim’s browser by delivering a malicious URL via the site parameter of the app_recuperarclave.php endpoint. The linked sources report this as a reflected XSS vulne...