2025-11-24 00:00:00
mitre
PUBLISHED
A reflected cross-site scripting (XSS) vulnerability in the /overview/network/ endpoint of Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to execute arbitrary code in the context of a users browser via injecting a crafted payload into the color parameter.