Title: HORILLA-OPENSOURCE HORILLA UP TO 1.0.2 LEADS GLOBAL.JS NOTES CROSS SITE SCRIPTING Vulnerability ID: VDB-347408, CVE-2026-3050, GCVE-100-347408 CVSS Meta Temp Score: 3.2 Current Exploit Price: $0-$5k CTI Interest Score: 1.61 Summary: - Vulnerability in horilla-opensource horilla up to 1.0.2, affecting an unknown function in of the Leads Module. - Manipulation of the argument leads to cross-site scripting. - Exploit is available; upgrading the affected component is recommended. Details: - Vulnerability affects an unknown code block in of the Leads Module. - Causes cross-site scripting due to improper neutralization of user-controllable input. - CWE-79. - Exploit is easy and can be launched remotely with user interaction. - Technical details and public exploits are available, attack technique as T1059.007. - Advisory can be downloaded from GitHub.