CVE 5.1 MEDIUM

Multiple vulnerabilities in GDTaller_CVE-2025-41027

April 12, 2026 invoker category_cve
5.1 / 10
MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

Description

Reflected Cross Site Scripting (XSS) vulnerabilities in GDTaller. These vulnerabilities allows an attacker execute JavaScript code in the victim's browser by sending a malicious URL in 'site' parameter in 'app_recuperarclave.php'.

Basic Information

ID CVE-2025-41027
Source INCIBE
Published Mar 26, 2026 at 12:42
Modified Mar 26, 2026 at 13:22

Affected Product

Vendor GDTaller
Product GDTaller
Affected Versions GDTaller GDTaller 0

CWE Classification

CWE-79

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.