Vendor
AATF
Products
1
CVEs
1
Across products
1
Status
Private
Products
1- 1 CVE
Recent CVEs
1| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-55473 | Med | 0.40 | 6.1 | 0.00 | Sep 2, 2025 | Asian Arts Talents Foundation (AATF) Website v5.1.x and Docker version 2024.12.8.1 are vulnerable to Cross Site Scripting (XSS). The vulnerability exists in the /ip.php endpoint, which processes and displays the X-Forwarded-For HTTP header without proper sanitization or output encoding. This allows an attacker to inject malicious JavaScript code that will execute in visitor browsers. |