Piwik Pro
1 CVEs
product
Monthly
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Piwik PRO allows Cross-Site Scripting (XSS).0.0 before 1.3.2. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
XSS
Piwik Pro
Drupal
NVD
CVSS 3.1
4.8
EPSS
0.2%
CVE-2025-4415
EPSS 0%
CVSS 4.8
MEDIUM
PATCH
This Month
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Piwik PRO allows Cross-Site Scripting (XSS).0.0 before 1.3.2. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
XSS
Piwik Pro
Drupal
NVD