The vulnerability is a reflected Cross‑Site Scripting (XSS) flaw in the GDTaller application. An attacker can supply a specially crafted URL that contains a malicious JavaScript payload in the 'site' parameter of 'app_login.php'. When the victim visits that URL, the script executes within the victim’s browser context, allowing the attacker to execute arbitrary code, steal cookies, hijack sessions, or deface the site. The flaw does not affect server‑side state or data integrity directly, but it provides a foothold for further client‑side attacks.

The flaw is present in the GDTaller application, and affected versions are not explicitly listed in the advisory. The vendor indicates that the issue has been fixed in the current release. Administrators should verify that their deployments are running the patched version, or otherwise identify the specific version in use.

The CVSS score of 5.1 classifies the severity as moderate, and an EPSS score of less than 1% suggests a low likelihood of widespread exploitation at present. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires the victim to visit a malicious link, making it a drive‑by or phishing vector that is easy to deliver but limited to users who click the URL. Because the flaw provides a client‑side execution path, the potential impact on confidentiality and integrity can be significant if combined with social engineering.