Ipublishmedia: >> Adportal >> 3.0.39 Security Vulnerabilities
Cross Site Scripting vulnerability iPublish Media Solutions AdPortal 3.0.39 allows a remote attacker to escalate privileges via the shippingAsBilling parameter in updateuserinfo.html.
CVSS Score
6.1
EPSS Score
0.001
Published
2025-01-07
Server-Side Template Injection (SSTI) was found in AdPortal 3.0.39 allows a remote attacker to execute arbitrary code via the shippingAsBilling and firstname parameters in updateuserinfo.html file
CVSS Score
9.8
EPSS Score
0.009
Published
2025-01-07