CVE-2026-50745 - [Vendor] Smarty URL Helper Cross-Site Scripting
CVE ID :CVE-2026-50745
Published : June 26, 2026, 1:11 a.m. | 3 hours, 30 minutes ago
Description :A missing sanitisation vulnerability exists with user input in the stats-video.php script. The way URLs to this script were constructed did not follow best practices, and the output of the Smarty custom helper function url was neither properly encoded nor sanitised, allowing user‑supplied input to be reflected without escaping.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : June 26, 2026, 1:11 a.m. | 3 hours, 30 minutes ago
Description :A missing sanitisation vulnerability exists with user input in the stats-video.php script. The way URLs to this script were constructed did not follow best practices, and the output of the Smarty custom helper function url was neither properly encoded nor sanitised, allowing user‑supplied input to be reflected without escaping.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...