EPSS
Percentile
22.7%
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Assets-Management.php chg parameter.
gist.github.com/p4nk4jv/68ae8b773dbea6d8769295ba96d9f1e3
www.nedi.ch/download/