CVE-2025-48868 | horilla 1.3.0 Query Parameter eval eval injection (GHSA-h6qj-pwmx-wjhw)

A vulnerability identified as problematic has been detected in horilla 1.3.0. This impacts the function eval of the component Query Parameter Handler. Performing manipulation results in improper neutralization of directives in dynamically evaluated code.

This vulnerability is cataloged as CVE-2025-48868. It is possible to initiate the attack remotely. There is no exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More