CVE-2025-50927
08.08.2025, 18:15
A reflected cross-site scripting (XSS) vulnerability in the List All FTP User Function in EHCP v20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via injecting a crafted payload into the ftpusername parameter.
| Vendor | Product | Version |
|---|---|---|
| ehcp | easy_hosting_control_panel | 20.04.1.b:b |
𝑥
= Vulnerable software versions