CVE-2025-28074 Blast Radius

MEDIUM • CVSS 6.1phpList before 3.6.15 is vulnerable to Cross-Site Scripting (XSS) due to improper input sanitization in lt.php. The vulnerability is exploitable when

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2025-28074.

Start Free Scan →← Back to CVE-2025-28074