AI Score
Confidence
High
EPSS
Percentile
21.3%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
A Reflected Cross-site scripting (XSS) vulnerability exists in ‘/search’ in microweber 2.0.15 and earlier allowing unauthenticated remote attackers to inject arbitrary web script or HTML via the ‘keywords’ parameter.