CVE-2026-50745
MEDIUM
NVD
CVSS Score
4.7
Severity
MEDIUM
Published
Jun 26, 2026
Vendor
unknown
Description
A missing sanitisation vulnerability exists with user input in the stats-video.php script. The way URLs to this script were constructed did not follow best practices, and the output of the Smarty custom helper function url was neither properly encoded nor sanitised, allowing userβsupplied input to be reflected without escaping.