GHSA-9c46-2jjw-rj67Medium

UBB.threads is vulnerable to Reflected XSS. The application improperly handles user input in...

Published
June 18, 2026
Last Modified
June 18, 2026

🔗 CVE IDs covered (1)

📋 Description

UBB.threads is vulnerable to Reflected XSS. The application improperly handles user input in certain requests, enabling attackers to execute arbitrary JavaScript in the context of a victim's browser by tricking them into clicking a crafted link.  Because vendor contact attempts were unsuccessful, the vulnerability has only been confirmed in version 7.7.5 but may also affect other versions.

🔗 References (4)