In ICEcoder 8.0 allows, a reflected XSS vulnerability was identified in the multipe-results.php page due to insufficient sanitization of the _GET['replace'] variable. As a result, arbitrary Javascript code can get executed.
5.4CVSS
5.3AI Score
0.001EPSS
icecoder is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
4.8CVSS
5AI Score
0.001EPSS
7.5CVSS
7.5AI Score
0.002EPSS