Search criteria
ⓘ
Use full-text search for keyword queries.
Combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by dates instead of relevance.
1033 vulnerabilities
CVE-2026-3024 (GCVE-0-2026-3024)
Vulnerability from cvelistv5 – Published: 2026-03-16 10:13 – Updated: 2026-03-16 13:25
VLAI?
Title
Stored Cross-Site Scripting (XSS) vulnerability in the Wakyma application web
Summary
Stored Cross-Site Scripting (XSS) vulnerability in the Wakyma web application, specifically in the endpoint 'vets.wakyma.com/configuracion/agenda/modelo-formulario-evento'. A user with permission to create personalized accounts could exploit this vulnerability simply by creating a malicious survey that would harm the entire veterinary team. At the same time, a user with low privileges could exploit this vulnerability to access unauthorized data and perform actions with elevated privileges.
Severity ?
CWE
- CWE-79 - Improper neutralization of input during web page generation ('cross-site scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wakyma | Wakyma application web |
Affected:
all versions
|
Date Public ?
2026-03-16 10:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-3024",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T13:24:44.572756Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T13:25:02.460Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Wakyma application web",
"vendor": "Wakyma",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wakyma:wakyma_application_web:all_versions:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"datePublic": "2026-03-16T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Stored Cross-Site Scripting (XSS) vulnerability in the Wakyma web application, specifically in the endpoint \u0027vets.wakyma.com/configuracion/agenda/modelo-formulario-evento\u0027. A user with permission to create personalized accounts could exploit this vulnerability simply by creating a malicious survey that would harm the entire veterinary team. At the same time, a user with low privileges could exploit this vulnerability to access unauthorized data and perform actions with elevated privileges."
}
],
"value": "Stored Cross-Site Scripting (XSS) vulnerability in the Wakyma web application, specifically in the endpoint \u0027vets.wakyma.com/configuracion/agenda/modelo-formulario-evento\u0027. A user with permission to create personalized accounts could exploit this vulnerability simply by creating a malicious survey that would harm the entire veterinary team. At the same time, a user with low privileges could exploit this vulnerability to access unauthorized data and perform actions with elevated privileges."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper neutralization of input during web page generation (\u0027cross-site scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T10:13:37.130Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-wakyma-application-web"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Wakyma has fixed the vulnerability in the continuous integration deployed in production since February 19, 2026."
}
],
"value": "Wakyma has fixed the vulnerability in the continuous integration deployed in production since February 19, 2026."
}
],
"source": {
"defect": [
"Bruno L\u00f3pez Trigo (n0d0n)"
],
"discovery": "EXTERNAL"
},
"title": "Stored Cross-Site Scripting (XSS) vulnerability in the Wakyma application web",
"x_generator": {
"engine": "Vulnogram 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2026-3024",
"datePublished": "2026-03-16T10:13:37.130Z",
"dateReserved": "2026-02-23T13:43:57.015Z",
"dateUpdated": "2026-03-16T13:25:02.460Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3023 (GCVE-0-2026-3023)
Vulnerability from cvelistv5 – Published: 2026-03-16 10:12 – Updated: 2026-03-16 13:25
VLAI?
Title
Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma application web
Summary
Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma web application, specifically in the endpoint 'vets.wakyma.com/pets/print-tags'. This vulnerability could allow an authenticated user to alter a POST request to the affected endpoint for the purpose of injecting NoSQL commands, allowing them to list both pets and owner names.
Severity ?
CWE
- CWE-943 - Improper Neutralization of Special Elements in Data Query Logic
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wakyma | Wakyma application web |
Affected:
all versions
|
Date Public ?
2026-03-16 10:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-3023",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T13:25:21.277429Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T13:25:33.440Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Wakyma application web",
"vendor": "Wakyma",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wakyma:wakyma_application_web:all_versions:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"datePublic": "2026-03-16T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma web application, specifically in the endpoint \u0027vets.wakyma.com/pets/print-tags\u0027. This vulnerability could allow an authenticated user to alter a POST request to the affected endpoint for the purpose of injecting NoSQL commands, allowing them to list both pets and owner names."
}
],
"value": "Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma web application, specifically in the endpoint \u0027vets.wakyma.com/pets/print-tags\u0027. This vulnerability could allow an authenticated user to alter a POST request to the affected endpoint for the purpose of injecting NoSQL commands, allowing them to list both pets and owner names."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-943",
"description": "CWE-943: Improper Neutralization of Special Elements in Data Query Logic",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T10:12:53.281Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-wakyma-application-web"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Wakyma has fixed the vulnerability in the continuous integration deployed in production since February 19, 2026."
}
],
"value": "Wakyma has fixed the vulnerability in the continuous integration deployed in production since February 19, 2026."
}
],
"source": {
"defect": [
"Bruno L\u00f3pez Trigo (n0d0n)"
],
"discovery": "EXTERNAL"
},
"title": "Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma application web",
"x_generator": {
"engine": "Vulnogram 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2026-3023",
"datePublished": "2026-03-16T10:12:53.281Z",
"dateReserved": "2026-02-23T13:43:56.162Z",
"dateUpdated": "2026-03-16T13:25:33.440Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3022 (GCVE-0-2026-3022)
Vulnerability from cvelistv5 – Published: 2026-03-16 10:11 – Updated: 2026-03-16 15:26
VLAI?
Title
Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma application web
Summary
Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma web application, specifically in the endpoint 'vets.wakyma.com/hospitalization/generate-hospitalization-summary'. This vulnerability could allow an authenticated user to alter a POST request to the affected endpoint for the purpose of injecting special NoSQL commands, resulting in the attacker being able to obtain customer reports.
Severity ?
CWE
- CWE-943 - Improper Neutralization of Special Elements in Data Query Logic
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wakyma | Wakyma application web |
Affected:
all versions
|
Date Public ?
2026-03-16 10:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-3022",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T15:26:25.584071Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T15:26:40.413Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Wakyma application web",
"vendor": "Wakyma",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wakyma:wakyma_application_web:all_versions:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"datePublic": "2026-03-16T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma web application, specifically in the endpoint \u0027vets.wakyma.com/hospitalization/generate-hospitalization-summary\u0027. This vulnerability could allow an authenticated user to alter a POST request to the affected endpoint for the purpose of injecting special NoSQL commands, resulting in the attacker being able to obtain customer reports."
}
],
"value": "Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma web application, specifically in the endpoint \u0027vets.wakyma.com/hospitalization/generate-hospitalization-summary\u0027. This vulnerability could allow an authenticated user to alter a POST request to the affected endpoint for the purpose of injecting special NoSQL commands, resulting in the attacker being able to obtain customer reports."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-943",
"description": "CWE-943: Improper Neutralization of Special Elements in Data Query Logic",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T10:12:43.164Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-wakyma-application-web"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Wakyma has fixed the vulnerability in the continuous integration deployed in production since February 19, 2026."
}
],
"value": "Wakyma has fixed the vulnerability in the continuous integration deployed in production since February 19, 2026."
}
],
"source": {
"defect": [
"Bruno L\u00f3pez Trigo (n0d0n)"
],
"discovery": "EXTERNAL"
},
"title": "Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma application web",
"x_generator": {
"engine": "Vulnogram 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2026-3022",
"datePublished": "2026-03-16T10:11:30.207Z",
"dateReserved": "2026-02-23T13:43:55.333Z",
"dateUpdated": "2026-03-16T15:26:40.413Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3021 (GCVE-0-2026-3021)
Vulnerability from cvelistv5 – Published: 2026-03-16 10:11 – Updated: 2026-03-16 15:27
VLAI?
Title
Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma application web
Summary
Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma web application, specifically in the endpoint 'vets.wakyma.com/centro/equipo/empleado'. This vulnerability could allow an authenticated user to alter a GET request to the affected endpoint for the purpose of injecting special NoSQL commands. This would lead to the enumeration of sensitive employee data.
Severity ?
CWE
- CWE-943 - Improper Neutralization of Special Elements in Data Query Logic
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wakyma | Wakyma application web |
Affected:
all versions
|
Date Public ?
2026-03-16 10:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-3021",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T15:26:54.898257Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T15:27:11.828Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Wakyma application web",
"vendor": "Wakyma",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wakyma:wakyma_application_web:all_versions:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"datePublic": "2026-03-16T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma web application, specifically in the endpoint \u0027vets.wakyma.com/centro/equipo/empleado\u0027. This vulnerability could allow an authenticated user to alter a GET request to the affected endpoint for the purpose of injecting special NoSQL commands. This would lead to the enumeration of sensitive employee data."
}
],
"value": "Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma web application, specifically in the endpoint \u0027vets.wakyma.com/centro/equipo/empleado\u0027. This vulnerability could allow an authenticated user to alter a GET request to the affected endpoint for the purpose of injecting special NoSQL commands. This would lead to the enumeration of sensitive employee data."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-943",
"description": "CWE-943: Improper Neutralization of Special Elements in Data Query Logic",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T10:11:11.742Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-wakyma-application-web"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Wakyma has fixed the vulnerability in the continuous integration deployed in production since February 19, 2026."
}
],
"value": "Wakyma has fixed the vulnerability in the continuous integration deployed in production since February 19, 2026."
}
],
"source": {
"defect": [
"Bruno L\u00f3pez Trigo (n0d0n)"
],
"discovery": "EXTERNAL"
},
"title": "Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma application web",
"x_generator": {
"engine": "Vulnogram 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2026-3021",
"datePublished": "2026-03-16T10:11:11.742Z",
"dateReserved": "2026-02-23T13:43:54.643Z",
"dateUpdated": "2026-03-16T15:27:11.828Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3020 (GCVE-0-2026-3020)
Vulnerability from cvelistv5 – Published: 2026-03-16 10:09 – Updated: 2026-03-16 15:27
VLAI?
Title
Identity based authorization bypass vulnerability (IDOR) in the Wakyma application web
Summary
Identity based authorization bypass vulnerability (IDOR) that allows an attacker to modify the data of a legitimate user account, such as changing the victim's email address, validating the new email address, and requesting a new password. This could allow them to take complete control of other users' legitimate accounts
Severity ?
CWE
- CWE-639 - Authorization bypass through User-Controlled key
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wakyma | Wakyma application web |
Affected:
all versions
|
Date Public ?
2026-03-16 10:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-3020",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T15:27:28.534684Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T15:27:44.272Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Wakyma application web",
"vendor": "Wakyma",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wakyma:wakyma_application_web:all_versions:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"datePublic": "2026-03-16T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Identity based authorization bypass vulnerability (IDOR) that allows an attacker to modify the data of a legitimate user account, such as changing the victim\u0027s email address, validating the new email address, and requesting a new password. This could allow them to take complete control of other users\u0027 legitimate accounts"
}
],
"value": "Identity based authorization bypass vulnerability (IDOR) that allows an attacker to modify the data of a legitimate user account, such as changing the victim\u0027s email address, validating the new email address, and requesting a new password. This could allow them to take complete control of other users\u0027 legitimate accounts"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization bypass through User-Controlled key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T10:09:54.621Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-wakyma-application-web"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Wakyma has fixed the vulnerability in the continuous integration deployed in production since February 19, 2026."
}
],
"value": "Wakyma has fixed the vulnerability in the continuous integration deployed in production since February 19, 2026."
}
],
"source": {
"defect": [
"Bruno L\u00f3pez Trigo (n0d0n)"
],
"discovery": "EXTERNAL"
},
"title": "Identity based authorization bypass vulnerability (IDOR) in the Wakyma application web",
"x_generator": {
"engine": "Vulnogram 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2026-3020",
"datePublished": "2026-03-16T10:09:54.621Z",
"dateReserved": "2026-02-23T13:43:53.578Z",
"dateUpdated": "2026-03-16T15:27:44.272Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3111 (GCVE-0-2026-3111)
Vulnerability from cvelistv5 – Published: 2026-03-16 09:37 – Updated: 2026-03-16 18:57
VLAI?
Title
Multiple vulnerabilities on the Educativa Campus
Summary
Insecure Direct Object Reference (IDOR) vulnerability in Campus Educativa specifically at the endpoint '/archivos/usuarios/[ID]/[username]/thumb_AAxAA.jpg' (translated as 80x90 and 40x45). Successful exploitation of this vulnerability could allow an unauthenticated attacker to access the profile photos of all users via a manipulated URL, enabling them to collect user photos en masse. This could lead to these photos being used maliciously to impersonate identities, perform social engineering, link identities across platforms using facial recognition, or even carry out doxxing.
Severity ?
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | |
|---|---|---|
Date Public ?
2026-03-16 09:30
Credits
Rubén Álvarez Elena
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-3111",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T18:56:50.914912Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T18:57:16.114Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Campus",
"vendor": "Educativa",
"versions": [
{
"status": "affected",
"version": "14.05.00-35"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:educativa:campus:14.05.00-35:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Rub\u00e9n \u00c1lvarez Elena"
}
],
"datePublic": "2026-03-16T09:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Insecure Direct Object Reference (IDOR) vulnerability in Campus Educativa specifically at the endpoint \u0027/archivos/usuarios/[ID]/[username]/thumb_AAxAA.jpg\u0027 (translated as 80x90 and 40x45). Successful exploitation of this vulnerability could allow an unauthenticated attacker to access the profile photos of all users via a manipulated URL, enabling them to collect user photos en masse. This could lead to these photos being used maliciously to impersonate identities, perform social engineering, link identities across platforms using facial recognition, or even carry out doxxing."
}
],
"value": "Insecure Direct Object Reference (IDOR) vulnerability in Campus Educativa specifically at the endpoint \u0027/archivos/usuarios/[ID]/[username]/thumb_AAxAA.jpg\u0027 (translated as 80x90 and 40x45). Successful exploitation of this vulnerability could allow an unauthenticated attacker to access the profile photos of all users via a manipulated URL, enabling them to collect user photos en masse. This could lead to these photos being used maliciously to impersonate identities, perform social engineering, link identities across platforms using facial recognition, or even carry out doxxing."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T09:37:48.364Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-educativa-campus"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vulnerabilities have been fixed by Educativa team in version 14.05.00-159 and latest."
}
],
"value": "The vulnerabilities have been fixed by Educativa team in version 14.05.00-159 and latest."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple vulnerabilities on the Educativa Campus",
"x_generator": {
"engine": "Vulnogram 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2026-3111",
"datePublished": "2026-03-16T09:37:48.364Z",
"dateReserved": "2026-02-24T10:54:35.705Z",
"dateUpdated": "2026-03-16T18:57:16.114Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3110 (GCVE-0-2026-3110)
Vulnerability from cvelistv5 – Published: 2026-03-16 09:36 – Updated: 2026-03-16 18:58
VLAI?
Title
Multiple vulnerabilities on the Educativa Campus
Summary
Insecure Direct Object Reference (IDOR) vulnerability in Campus Educativa specifically at the endpoint '/administracion/admin_usuarios.cgi?filtro_estado=T&wAccion=listado_xlsx&wBuscar=&wFiltrar=&wOrden=alta_usuario&wid_cursoActual=[ID]' where the data of users enrolled in the course is exported. Successful exploitation of this vulnerability could allow an unauthenticated attacker to access user data (e.g., usernames, first and last names, email addresses, and phone numbers) and retrieve the data of all users enrolled in courses by performing a brute-force attack on the course ID via a manipulated URL.
Severity ?
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | |
|---|---|---|
Date Public ?
2026-03-16 09:30
Credits
Rubén Álvarez Elena
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-3110",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T18:57:28.919142Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T18:58:35.727Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Campus",
"vendor": "Educativa",
"versions": [
{
"status": "affected",
"version": "14.05.00-35"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:educativa:campus:14.05.00-35:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Rub\u00e9n \u00c1lvarez Elena"
}
],
"datePublic": "2026-03-16T09:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Insecure Direct Object Reference (IDOR) vulnerability in Campus Educativa specifically at the endpoint \u0027/administracion/admin_usuarios.cgi?filtro_estado=T\u0026amp;wAccion=listado_xlsx\u0026amp;wBuscar=\u0026amp;wFiltrar=\u0026amp;wOrden=alta_usuario\u0026amp;wid_cursoActual=[ID]\u0027 where the data of users enrolled in the course is exported. Successful exploitation of this vulnerability could allow an unauthenticated attacker to access user data (e.g., usernames, first and last names, email addresses, and phone numbers) and retrieve the data of all users enrolled in courses by performing a brute-force attack on the course ID via a manipulated URL."
}
],
"value": "Insecure Direct Object Reference (IDOR) vulnerability in Campus Educativa specifically at the endpoint \u0027/administracion/admin_usuarios.cgi?filtro_estado=T\u0026wAccion=listado_xlsx\u0026wBuscar=\u0026wFiltrar=\u0026wOrden=alta_usuario\u0026wid_cursoActual=[ID]\u0027 where the data of users enrolled in the course is exported. Successful exploitation of this vulnerability could allow an unauthenticated attacker to access user data (e.g., usernames, first and last names, email addresses, and phone numbers) and retrieve the data of all users enrolled in courses by performing a brute-force attack on the course ID via a manipulated URL."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T09:36:17.088Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-educativa-campus"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vulnerabilities have been fixed by Educativa team in version 14.05.00-159 and latest."
}
],
"value": "The vulnerabilities have been fixed by Educativa team in version 14.05.00-159 and latest."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple vulnerabilities on the Educativa Campus",
"x_generator": {
"engine": "Vulnogram 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2026-3110",
"datePublished": "2026-03-16T09:36:17.088Z",
"dateReserved": "2026-02-24T10:54:34.006Z",
"dateUpdated": "2026-03-16T18:58:35.727Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-40639 (GCVE-0-2025-40639)
Vulnerability from cvelistv5 – Published: 2026-03-09 09:31 – Updated: 2026-03-09 20:05
VLAI?
Title
SQL injection in Eventobot
Summary
A SQL injection vulnerability has been found in Eventobot. This vulnerability allows an attacker to retrieve, create, update and delete databases through the 'promo_send' parameter in the '/assets/php/calculate_discount.php'.
Severity ?
CWE
- CWE-89 - Improper neutralization of special elements used in an SQL command ('SQL injection')
Assigner
References
| URL | Tags | |
|---|---|---|
Credits
Gonzalo Aguilar García (6h4ack)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-40639",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-09T20:04:50.459684Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-09T20:05:09.804Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Eventobot",
"vendor": "EVENTOBOT",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eventobot:eventobot:all_versions:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Gonzalo Aguilar Garc\u00eda (6h4ack)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A SQL injection vulnerability has been found in Eventobot. This vulnerability allows an attacker to retrieve, create, update and delete databases through the \u0027promo_send\u0027 parameter in the \u0027/assets/php/calculate_discount.php\u0027."
}
],
"value": "A SQL injection vulnerability has been found in Eventobot. This vulnerability allows an attacker to retrieve, create, update and delete databases through the \u0027promo_send\u0027 parameter in the \u0027/assets/php/calculate_discount.php\u0027."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper neutralization of special elements used in an SQL command (\u0027SQL injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-09T09:31:10.928Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-eventobot"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vulnerability has been fixed by the Eventobot team in the latest version."
}
],
"value": "The vulnerability has been fixed by the Eventobot team in the latest version."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "SQL injection in Eventobot",
"x_generator": {
"engine": "Vulnogram 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2025-40639",
"datePublished": "2026-03-09T09:31:10.928Z",
"dateReserved": "2025-04-16T08:38:10.819Z",
"dateUpdated": "2026-03-09T20:05:09.804Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-40638 (GCVE-0-2025-40638)
Vulnerability from cvelistv5 – Published: 2026-03-09 09:04 – Updated: 2026-03-09 20:05
VLAI?
Title
Reflected Cross-Site Scripting (XSS) in Eventobot
Summary
A reflected Cross-Site Scripting (XSS) vulnerability has been
found in Eventobot. This vulnerability allows an attacker to execute
JavaScript code in the victim's browser by sending him/her a malicious
URL using the 'name' parameter in '/search-results'. This vulnerability
can be exploited to steal sensitive user data, such as session cookies,
or to perform actions on behalf of the user.
Severity ?
CWE
- CWE-79 - Improper neutralization of input during web page generation ('cross-site scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Date Public ?
2026-03-09 09:03
Credits
Gonzalo Aguilar García (6h4ack)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-40638",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-09T20:05:23.183188Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-09T20:05:31.167Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Eventobot",
"vendor": "EVENTOBOT",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eventobot:eventobot:all_versions:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Gonzalo Aguilar Garc\u00eda (6h4ack)"
}
],
"datePublic": "2026-03-09T09:03:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A reflected Cross-Site Scripting (XSS) vulnerability has been \nfound in Eventobot. This vulnerability allows an attacker to execute \nJavaScript code in the victim\u0027s browser by sending him/her a malicious \nURL using the \u0027name\u0027 parameter in \u0027/search-results\u0027. This vulnerability \ncan be exploited to steal sensitive user data, such as session cookies, \nor to perform actions on behalf of the user."
}
],
"value": "A reflected Cross-Site Scripting (XSS) vulnerability has been \nfound in Eventobot. This vulnerability allows an attacker to execute \nJavaScript code in the victim\u0027s browser by sending him/her a malicious \nURL using the \u0027name\u0027 parameter in \u0027/search-results\u0027. This vulnerability \ncan be exploited to steal sensitive user data, such as session cookies, \nor to perform actions on behalf of the user."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper neutralization of input during web page generation (\u0027cross-site scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-09T09:04:35.730Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-eventobot"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u0026nbsp;The vulnerability has been fixed by the Eventobot team in the latest version.\u0026nbsp;\u0026nbsp;"
}
],
"value": "The vulnerability has been fixed by the Eventobot team in the latest version."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Reflected Cross-Site Scripting (XSS) in Eventobot",
"x_generator": {
"engine": "Vulnogram 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2025-40638",
"datePublished": "2026-03-09T09:04:35.730Z",
"dateReserved": "2025-04-16T08:38:10.819Z",
"dateUpdated": "2026-03-09T20:05:31.167Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2584 (GCVE-0-2026-2584)
Vulnerability from cvelistv5 – Published: 2026-03-02 09:01 – Updated: 2026-03-02 13:24
VLAI?
Title
SQL Injection in Ciser System SL firmware
Summary
A critical SQL Injection (SQLi) vulnerability has been identified in the authentication module of the system. An unauthenticated, remote attacker (AV:N/PR:N) can exploit this flaw by sending specially crafted SQL queries through the login interface. Due to low attack complexity (AC:L) and the absence of specific requirements (AT:N), the vulnerability allows for a total compromise of the system's configuration data (VC:H/VI:H). While the availability of the service remains unaffected (VA:N), the breach may lead to a limited exposure of sensitive information regarding subsequent or interconnected systems (SC:L).
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ciser System SL | CSIP firmware |
Affected:
3.0 to 5.1
(fixed)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2584",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-02T13:23:54.693229Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-02T13:24:05.109Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CSIP firmware",
"vendor": "Ciser System SL",
"versions": [
{
"status": "affected",
"version": "3.0 to 5.1",
"versionType": "fixed"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A critical SQL Injection (SQLi) vulnerability has been identified in the authentication module of the system. An unauthenticated, remote attacker (AV:N/PR:N) can exploit this flaw by sending specially crafted SQL queries through the login interface. Due to low attack complexity (AC:L) and the absence of specific requirements (AT:N), the vulnerability allows for a total compromise of the system\u0027s configuration data (VC:H/VI:H). While the availability of the service remains unaffected (VA:N), the breach may lead to a limited exposure of sensitive information regarding subsequent or interconnected systems (SC:L)."
}
],
"value": "A critical SQL Injection (SQLi) vulnerability has been identified in the authentication module of the system. An unauthenticated, remote attacker (AV:N/PR:N) can exploit this flaw by sending specially crafted SQL queries through the login interface. Due to low attack complexity (AC:L) and the absence of specific requirements (AT:N), the vulnerability allows for a total compromise of the system\u0027s configuration data (VC:H/VI:H). While the availability of the service remains unaffected (VA:N), the breach may lead to a limited exposure of sensitive information regarding subsequent or interconnected systems (SC:L)."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:L/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-02T09:01:12.291Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/sql-injection-ciser-system-sl-firmware"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe vulnerability has been fixed by the vendor through improved input validation logic and parameterized queries:\u003c/p\u003e\u003cp\u003eIt is recommended to update to firmware version 5.3 or higher. This version mitigates the risk by ensuring that SQL queries are handled securely, effectively neutralizing the injection vector.\u003c/p\u003e"
}
],
"value": "The vulnerability has been fixed by the vendor through improved input validation logic and parameterized queries:\n\nIt is recommended to update to firmware version 5.3 or higher. This version mitigates the risk by ensuring that SQL queries are handled securely, effectively neutralizing the injection vector."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "SQL Injection in Ciser System SL firmware",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIf an immediate firmware update is not feasible, network-level controls must be implemented to reduce the attack surface:\u003c/p\u003e\u003cul\u003e\u003cli\u003eAccess Restriction: Limit access to the management or login panel using an Allowlist. All connection attempts from untrusted networks or the public internet must be strictly blocked.\u003c/li\u003e\u003cli\u003eNetwork Segmentation: Isolate the management interface within a dedicated management VLAN, accessible only through a secure corporate VPN.\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "If an immediate firmware update is not feasible, network-level controls must be implemented to reduce the attack surface:\n\n * Access Restriction: Limit access to the management or login panel using an Allowlist. All connection attempts from untrusted networks or the public internet must be strictly blocked.\n * Network Segmentation: Isolate the management interface within a dedicated management VLAN, accessible only through a secure corporate VPN."
}
],
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2026-2584",
"datePublished": "2026-03-02T09:01:12.291Z",
"dateReserved": "2026-02-16T13:17:13.207Z",
"dateUpdated": "2026-03-02T13:24:05.109Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2680 (GCVE-0-2026-2680)
Vulnerability from cvelistv5 – Published: 2026-02-26 12:18 – Updated: 2026-02-26 14:04
VLAI?
Title
Multiple vulnerabilities in A3factura software
Summary
Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'customerVATNumber', in 'a3factura-app.wolterskluwer.es/#/incomes/salesDeliveryNotes' endpoint, which could allow an attacker to execute arbitrary code in the victim's browser.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Date Public ?
2026-02-26 12:12
Credits
David Padilla Alvarado
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2680",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T14:03:32.345749Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T14:04:31.184Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "A3factura",
"vendor": "A3factura",
"versions": [
{
"status": "affected",
"version": "4.111.2-rev.1"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:a3factura:a3factura:4.111.2-rev.1:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "David Padilla Alvarado"
}
],
"datePublic": "2026-02-26T12:12:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter \u0027customerVATNumber\u0027, in \u0027a3factura-app.wolterskluwer.es/#/incomes/salesDeliveryNotes\u0027 endpoint,\u0026nbsp;which could allow an attacker to execute arbitrary code in the victim\u0027s browser."
}
],
"value": "Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter \u0027customerVATNumber\u0027, in \u0027a3factura-app.wolterskluwer.es/#/incomes/salesDeliveryNotes\u0027 endpoint,\u00a0which could allow an attacker to execute arbitrary code in the victim\u0027s browser."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T12:18:48.247Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-a3factura-software"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fix has been deployed in production in version 4.114.0-rev.6, released on 17/02/2026."
}
],
"value": "The fix has been deployed in production in version 4.114.0-rev.6, released on 17/02/2026."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple vulnerabilities in A3factura software",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2026-2680",
"datePublished": "2026-02-26T12:18:48.247Z",
"dateReserved": "2026-02-18T11:25:14.228Z",
"dateUpdated": "2026-02-26T14:04:31.184Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2679 (GCVE-0-2026-2679)
Vulnerability from cvelistv5 – Published: 2026-02-26 12:18 – Updated: 2026-02-26 14:06
VLAI?
Title
Multiple vulnerabilities in A3factura software
Summary
Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'customerName', in 'a3factura-app.wolterskluwer.es/#/incomes/salesInvoices' endpoint, which could allow an attacker to execute arbitrary code in the victim's browser.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Date Public ?
2026-02-26 12:12
Credits
David Padilla Alvarado
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2679",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T14:05:20.492909Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T14:06:26.035Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "A3factura",
"vendor": "A3factura",
"versions": [
{
"status": "affected",
"version": "4.111.2-rev.1"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:a3factura:a3factura:4.111.2-rev.1:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "David Padilla Alvarado"
}
],
"datePublic": "2026-02-26T12:12:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter \u0027customerName\u0027, in \u0027a3factura-app.wolterskluwer.es/#/incomes/salesInvoices\u0027 endpoint,\u0026nbsp;which could allow an attacker to execute arbitrary code in the victim\u0027s browser."
}
],
"value": "Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter \u0027customerName\u0027, in \u0027a3factura-app.wolterskluwer.es/#/incomes/salesInvoices\u0027 endpoint,\u00a0which could allow an attacker to execute arbitrary code in the victim\u0027s browser."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T12:18:13.402Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-a3factura-software"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fix has been deployed in production in version 4.114.0-rev.6, released on 17/02/2026."
}
],
"value": "The fix has been deployed in production in version 4.114.0-rev.6, released on 17/02/2026."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple vulnerabilities in A3factura software",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2026-2679",
"datePublished": "2026-02-26T12:18:13.402Z",
"dateReserved": "2026-02-18T11:25:13.322Z",
"dateUpdated": "2026-02-26T14:06:26.035Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2678 (GCVE-0-2026-2678)
Vulnerability from cvelistv5 – Published: 2026-02-26 12:17 – Updated: 2026-02-26 14:09
VLAI?
Title
Multiple vulnerabilities in A3factura software
Summary
Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'name', parameter 'name', in 'a3factura-app.wolterskluwer.es/#/incomes/customers' endpoint, which could allow an attacker to execute arbitrary code in the victim's browser.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Date Public ?
2026-02-26 12:12
Credits
David Padilla Alvarado
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2678",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T14:08:15.828055Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T14:09:15.966Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "A3factura",
"vendor": "A3factura",
"versions": [
{
"status": "affected",
"version": "4.111.2-rev.1"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:a3factura:a3factura:4.111.2-rev.1:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "David Padilla Alvarado"
}
],
"datePublic": "2026-02-26T12:12:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in\u0026nbsp;parameter \u0027name\u0027, parameter \u0027name\u0027, in \u0027a3factura-app.wolterskluwer.es/#/incomes/customers\u0027 endpoint,\u0026nbsp;which could allow an attacker to execute arbitrary code in the victim\u0027s browser."
}
],
"value": "Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in\u00a0parameter \u0027name\u0027, parameter \u0027name\u0027, in \u0027a3factura-app.wolterskluwer.es/#/incomes/customers\u0027 endpoint,\u00a0which could allow an attacker to execute arbitrary code in the victim\u0027s browser."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T12:17:17.445Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-a3factura-software"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fix has been deployed in production in version 4.114.0-rev.6, released on 17/02/2026."
}
],
"value": "The fix has been deployed in production in version 4.114.0-rev.6, released on 17/02/2026."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple vulnerabilities in A3factura software",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2026-2678",
"datePublished": "2026-02-26T12:17:17.445Z",
"dateReserved": "2026-02-18T11:25:12.270Z",
"dateUpdated": "2026-02-26T14:09:15.966Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2677 (GCVE-0-2026-2677)
Vulnerability from cvelistv5 – Published: 2026-02-26 12:16 – Updated: 2026-02-26 14:13
VLAI?
Title
Multiple vulnerabilities in A3factura software
Summary
Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'name', in 'a3factura-app.wolterskluwer.es/#/incomes/representatives-management' endpoint, which could allow an attacker to execute arbitrary code in the victim's browser.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Date Public ?
2026-02-26 12:12
Credits
David Padilla Alvarado
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2677",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T14:12:20.935736Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T14:13:41.794Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "A3factura",
"vendor": "A3factura",
"versions": [
{
"status": "affected",
"version": "4.111.2-rev.1"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:a3factura:a3factura:4.111.2-rev.1:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "David Padilla Alvarado"
}
],
"datePublic": "2026-02-26T12:12:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in\u0026nbsp;parameter \u0027name\u0027, in \u0027a3factura-app.wolterskluwer.es/#/incomes/representatives-management\u0027 endpoint,\u0026nbsp;which could allow an attacker to execute arbitrary code in the victim\u0027s browser."
}
],
"value": "Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in\u00a0parameter \u0027name\u0027, in \u0027a3factura-app.wolterskluwer.es/#/incomes/representatives-management\u0027 endpoint,\u00a0which could allow an attacker to execute arbitrary code in the victim\u0027s browser."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T12:16:40.662Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-a3factura-software"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The fix has been deployed in production in version 4.114.0-rev.6, released on 17/02/2026."
}
],
"value": "The fix has been deployed in production in version 4.114.0-rev.6, released on 17/02/2026."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple vulnerabilities in A3factura software",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2026-2677",
"datePublished": "2026-02-26T12:16:03.068Z",
"dateReserved": "2026-02-18T11:13:26.456Z",
"dateUpdated": "2026-02-26T14:13:41.794Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-40986 (GCVE-0-2025-40986)
Vulnerability from cvelistv5 – Published: 2026-02-23 10:31 – Updated: 2026-02-24 13:24
VLAI?
Title
Reflected Cross-Site Scripting in PideTuCita
Summary
Reflected Cross-Site Scripting (XSS) vulnerability in PideTuCita. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending him/her a malicious URL using the endpoint 'cookies/indes.php/<XSS>'. This vulnerability can be exploited to steal confidential user data, such as session cookies or to perform actions on behalf of the user.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PideTuCita | PideTuCita |
Affected:
v6.0.52
|
Date Public ?
2026-02-23 10:28
Credits
Gonzalo Aguilar García (6h4ack)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-40986",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-23T12:42:38.708173Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-23T12:42:57.437Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PideTuCita",
"vendor": "PideTuCita",
"versions": [
{
"status": "affected",
"version": "v6.0.52"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pidetucita:pidetucita:v6.0.52:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Gonzalo Aguilar Garc\u00eda (6h4ack)"
}
],
"datePublic": "2026-02-23T10:28:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Reflected Cross-Site Scripting (XSS) vulnerability in PideTuCita. This vulnerability allows an attacker to execute JavaScript code in the victim\u0027s browser by sending him/her a malicious URL using the endpoint \u0027cookies/indes.php/\u0026lt;XSS\u0026gt;\u0027. This vulnerability can be exploited to steal confidential user data, such as session cookies or to perform actions on behalf of the user."
}
],
"value": "Reflected Cross-Site Scripting (XSS) vulnerability in PideTuCita. This vulnerability allows an attacker to execute JavaScript code in the victim\u0027s browser by sending him/her a malicious URL using the endpoint \u0027cookies/indes.php/\u003cXSS\u003e\u0027. This vulnerability can be exploited to steal confidential user data, such as session cookies or to perform actions on behalf of the user."
},
{
"lang": "es",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Vulnerabilidad de tipo Cross-Site Scripting (XSS) reflejado en PideTuCita. Esta permite a un atacante ejecutar c\u00f3digo JavaScript en el navegador de la v\u00edctima envi\u00e1ndole una URL maliciosa utilizando el endpoint \u0027cookies/indes.php/\u0026lt;XSS\u0026gt;\u0027. Esta vulnerabilidad puede explotarse para robar datos confidenciales del usuario, como cookies de sesi\u00f3n, o para realizar acciones en nombre del usuario."
}
],
"value": "Vulnerabilidad de tipo Cross-Site Scripting (XSS) reflejado en PideTuCita. Esta permite a un atacante ejecutar c\u00f3digo JavaScript en el navegador de la v\u00edctima envi\u00e1ndole una URL maliciosa utilizando el endpoint \u0027cookies/indes.php/\u003cXSS\u003e\u0027. Esta vulnerabilidad puede explotarse para robar datos confidenciales del usuario, como cookies de sesi\u00f3n, o para realizar acciones en nombre del usuario."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T13:24:29.061Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/reflected-cross-site-scripting-pidetucita"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vulnerability has been fixed by the PideTuCita team in version 6.0.52.\u003cbr\u003e"
}
],
"value": "The vulnerability has been fixed by the PideTuCita team in version 6.0.52."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Reflected Cross-Site Scripting in PideTuCita",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2025-40986",
"datePublished": "2026-02-23T10:31:25.455Z",
"dateReserved": "2025-04-16T09:08:37.855Z",
"dateUpdated": "2026-02-24T13:24:29.061Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-40701 (GCVE-0-2025-40701)
Vulnerability from cvelistv5 – Published: 2026-02-23 10:23 – Updated: 2026-02-24 13:25
VLAI?
Title
Reflected Cross-Site scripting (XSS) in SOTE's SOTESHOP
Summary
Reflected Cross-Site Scripting vulnerability in SOTESHOP, version 8.3.4. THis vulnerability allows an attacker execute JavaScript code in the victim's browser when a malicious URL with the 'id' parameter in '/adsTracker/checkAds' is sent to the victim. The vulnerability can be exploited to steal sensitive user information such as session cookies, or to perform actions on their behalf.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Date Public ?
2026-02-23 10:11
Credits
Gonzalo Aguilar García (6h4ack)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-40701",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-23T12:43:41.964675Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-23T12:44:00.221Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SOTESHOP",
"vendor": "SOTE",
"versions": [
{
"status": "affected",
"version": "8.3.4"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sote:soteshop:8.3.4:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Gonzalo Aguilar Garc\u00eda (6h4ack)"
}
],
"datePublic": "2026-02-23T10:11:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Reflected Cross-Site Scripting vulnerability in SOTESHOP, version 8.3.4. THis vulnerability allows an attacker execute JavaScript code in the victim\u0027s browser when a malicious URL with the \u0027id\u0027 parameter in \u0027/adsTracker/checkAds\u0027 is sent to the victim. The vulnerability can be exploited to steal sensitive user information such as session cookies, or to perform actions on their behalf."
}
],
"value": "Reflected Cross-Site Scripting vulnerability in SOTESHOP, version 8.3.4. THis vulnerability allows an attacker execute JavaScript code in the victim\u0027s browser when a malicious URL with the \u0027id\u0027 parameter in \u0027/adsTracker/checkAds\u0027 is sent to the victim. The vulnerability can be exploited to steal sensitive user information such as session cookies, or to perform actions on their behalf."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T13:25:45.940Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/reflected-cross-site-scripting-xss-sotes-soteshop"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vulnerability has been fixed by the SOTE team in version 8.3.5.\u003cbr\u003e"
}
],
"value": "The vulnerability has been fixed by the SOTE team in version 8.3.5."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Reflected Cross-Site scripting (XSS) in SOTE\u0027s SOTESHOP",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2025-40701",
"datePublished": "2026-02-23T10:23:51.497Z",
"dateReserved": "2025-04-16T08:38:18.261Z",
"dateUpdated": "2026-02-24T13:25:45.940Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-41002 (GCVE-0-2025-41002)
Vulnerability from cvelistv5 – Published: 2026-02-23 09:30 – Updated: 2026-02-24 13:27
VLAI?
Title
SQL injection in Infoticketing
Summary
SQL injection vulnerability in Infoticketing. This vulnerability allows
an unauthenticated attacker to retrieve, create, update, and delete the
database by sending a POST request using the 'code' parameter in '/components/cart/cartApplyDiscount.php'.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MANANTIAL DE IDEAS | Infoticketing |
Affected:
all versions
|
Credits
Gonzalo Aguilar García (6h4ack)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41002",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-23T12:46:06.530064Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-23T12:46:22.950Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Infoticketing",
"vendor": "MANANTIAL DE IDEAS",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:manantial_de_ideas:infoticketing:all_versions:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Gonzalo Aguilar Garc\u00eda (6h4ack)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SQL injection vulnerability in Infoticketing. This vulnerability allows\n an unauthenticated attacker to retrieve, create, update, and delete the\n database by sending a POST request using the \u0027code\u0027\u0026nbsp;parameter in \u0027/components/cart/cartApplyDiscount.php\u0027.\n\n\u003cbr\u003e"
}
],
"value": "SQL injection vulnerability in Infoticketing. This vulnerability allows\n an unauthenticated attacker to retrieve, create, update, and delete the\n database by sending a POST request using the \u0027code\u0027\u00a0parameter in \u0027/components/cart/cartApplyDiscount.php\u0027."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T13:27:24.061Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/sql-injection-infoticketing"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "SQL injection in Infoticketing",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2025-41002",
"datePublished": "2026-02-23T09:30:22.990Z",
"dateReserved": "2025-04-16T09:08:41.550Z",
"dateUpdated": "2026-02-24T13:27:24.061Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-41023 (GCVE-0-2025-41023)
Vulnerability from cvelistv5 – Published: 2026-02-19 08:50 – Updated: 2026-02-23 18:33
VLAI?
Title
Authentication bypass in AutoGPT de Thesamur
Summary
An authentication bypass vulnerability has been found in Thesamur's AutoGPT. This vulnerability allows an attacker to bypass authentication mechanisms. Once inside the web application, the attacker can use any of its features regardless of the authorisation method used.
Severity ?
CWE
- CWE-287 - Improper Authentication
Assigner
References
Date Public ?
2026-02-19 08:47
Credits
Gonzalo Aguilar García (6h4ack)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41023",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-23T18:32:46.680436Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-23T18:33:12.573Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AutoGPT",
"vendor": "Thesamur",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:thesamur:autogpt:all_versions:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Gonzalo Aguilar Garc\u00eda (6h4ack)"
}
],
"datePublic": "2026-02-19T08:47:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An authentication bypass vulnerability has been found in Thesamur\u0027s AutoGPT. This vulnerability allows an attacker to bypass authentication mechanisms. Once inside the web application, the attacker can use any of its features regardless of the authorisation method used."
}
],
"value": "An authentication bypass vulnerability has been found in Thesamur\u0027s AutoGPT. This vulnerability allows an attacker to bypass authentication mechanisms. Once inside the web application, the attacker can use any of its features regardless of the authorisation method used."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-19T08:50:36.880Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/authentication-bypass-autogpt-de-thesamur"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No solution has been reported at this time.\u003cbr\u003e"
}
],
"value": "No solution has been reported at this time."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Authentication bypass in AutoGPT de Thesamur",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2025-41023",
"datePublished": "2026-02-19T08:50:36.880Z",
"dateReserved": "2025-04-16T09:09:25.290Z",
"dateUpdated": "2026-02-23T18:33:12.573Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-40697 (GCVE-0-2025-40697)
Vulnerability from cvelistv5 – Published: 2026-02-19 08:44 – Updated: 2026-02-24 13:26
VLAI?
Title
Reflected Cross-Site Scripting (XSS) in Lewe WebMeasure
Summary
Reflected Cross-Site Scripting (XSS) vulnerability in '/index.php' in Lewe WebMeasure, which allows remote attackers to execute arbitrary code through the 'page' parameter. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform actions on behalf of the user.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Lewe | WebMeasure |
Affected:
all versions
|
Credits
Gonzalo Aguilar García (6h4ack)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-40697",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-20T16:07:00.581248Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-20T16:08:24.444Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "WebMeasure",
"vendor": "Lewe",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:lewe:webmeasure:all_versions:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Gonzalo Aguilar Garc\u00eda (6h4ack)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eReflected Cross-Site Scripting (XSS) vulnerability in \u0027\u003c/span\u003e\u003cem\u003e/index.php\u003c/em\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0027 in Lewe WebMeasure, which allows remote attackers to execute arbitrary code through the \u0027\u003c/span\u003e\u003cem\u003epage\u003c/em\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0027 parameter. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform actions on behalf of the user.\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "Reflected Cross-Site Scripting (XSS) vulnerability in \u0027/index.php\u0027 in Lewe WebMeasure, which allows remote attackers to execute arbitrary code through the \u0027page\u0027 parameter. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform actions on behalf of the user."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T13:26:55.909Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/reflected-cross-site-scripting-xss-lewe-webmeasure"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Reflected Cross-Site Scripting (XSS) in Lewe WebMeasure",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2025-40697",
"datePublished": "2026-02-19T08:44:16.386Z",
"dateReserved": "2025-04-16T08:38:18.261Z",
"dateUpdated": "2026-02-24T13:26:55.909Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2736 (GCVE-0-2026-2736)
Vulnerability from cvelistv5 – Published: 2026-02-19 08:39 – Updated: 2026-03-09 08:54
VLAI?
Title
Reflected Cross-Site Scripting (XSS) vulnerability in Alkacon's OpenCms
Summary
Reflected Cross-site Scripting (XSS) in Alkacon's OpenCms v18.0, which allows an attacker to execute JavaScript code in the victim's browser by sending the victim a malicious URL containing the ‘q’ parameter in ‘/search/index.html’. This vulnerability can be exploited to steal sensitive user information such as session cookies, or to perform actions while impersonating the user.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Date Public ?
2026-02-19 08:00
Credits
Gonzalo Aguilar García (6h4ack)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2736",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-20T16:06:01.863811Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-20T16:06:20.215Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OpenCms",
"vendor": "Alkacon",
"versions": [
{
"status": "affected",
"version": "18.0"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:alkacon:opencms:18.0:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Gonzalo Aguilar Garc\u00eda (6h4ack)"
}
],
"datePublic": "2026-02-19T08:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Reflected Cross-site Scripting (XSS) in Alkacon\u0027s OpenCms v18.0, which allows an attacker to execute JavaScript code in the victim\u0027s browser by sending the victim a malicious URL containing the \u2018q\u2019 parameter in \u2018/search/index.html\u2019. This vulnerability can be exploited to steal sensitive user information such as session cookies, or to perform actions while impersonating the user."
}
],
"value": "Reflected Cross-site Scripting (XSS) in Alkacon\u0027s OpenCms v18.0, which allows an attacker to execute JavaScript code in the victim\u0027s browser by sending the victim a malicious URL containing the \u2018q\u2019 parameter in \u2018/search/index.html\u2019. This vulnerability can be exploited to steal sensitive user information such as session cookies, or to perform actions while impersonating the user."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-09T08:54:49.983Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-alkacons-opencms"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vulnerabilities have been fixed by the Alkacon team in version 19.0."
}
],
"value": "The vulnerabilities have been fixed by the Alkacon team in version 19.0."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Reflected Cross-Site Scripting (XSS) vulnerability in Alkacon\u0027s OpenCms",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2026-2736",
"datePublished": "2026-02-19T08:39:46.150Z",
"dateReserved": "2026-02-19T08:18:54.936Z",
"dateUpdated": "2026-03-09T08:54:49.983Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2735 (GCVE-0-2026-2735)
Vulnerability from cvelistv5 – Published: 2026-02-19 08:38 – Updated: 2026-02-20 16:05
VLAI?
Title
Stored Cross-Site Scripting (XSS) vulnerability in Alkacon's OpenCms
Summary
Stored Cross-Site Scripting (XSS) in Alkacon's OpenCms v18.0, which occurs when user input is not properly validated when sending a POST request to ‘/blog/new-article/org.opencms.ugc.CmsUgcEditService.gwt’ using the ‘text’ parameter.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Date Public ?
2026-02-19 08:00
Credits
Gonzalo Aguilar García (6h4ack)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2735",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-20T16:05:10.680079Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-20T16:05:26.014Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OpenCms",
"vendor": "Alkacon",
"versions": [
{
"status": "affected",
"version": "18.0"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:alkacon:opencms:18.0:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Gonzalo Aguilar Garc\u00eda (6h4ack)"
}
],
"datePublic": "2026-02-19T08:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Stored Cross-Site Scripting (XSS) in Alkacon\u0027s OpenCms v18.0, which occurs when user input is not properly validated when sending a POST request to \u2018/blog/new-article/org.opencms.ugc.CmsUgcEditService.gwt\u2019 using the \u2018text\u2019 parameter."
}
],
"value": "Stored Cross-Site Scripting (XSS) in Alkacon\u0027s OpenCms v18.0, which occurs when user input is not properly validated when sending a POST request to \u2018/blog/new-article/org.opencms.ugc.CmsUgcEditService.gwt\u2019 using the \u2018text\u2019 parameter."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-19T08:38:31.071Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-alkacons-opencms"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vulnerabilities have been fixed by the Alkacon team in version 19.0."
}
],
"value": "The vulnerabilities have been fixed by the Alkacon team in version 19.0."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Stored Cross-Site Scripting (XSS) vulnerability in Alkacon\u0027s OpenCms",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2026-2735",
"datePublished": "2026-02-19T08:38:31.071Z",
"dateReserved": "2026-02-19T08:18:53.756Z",
"dateUpdated": "2026-02-20T16:05:26.014Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2464 (GCVE-0-2026-2464)
Vulnerability from cvelistv5 – Published: 2026-02-18 13:43 – Updated: 2026-02-18 14:47
VLAI?
Title
Directory Traversal in AMR Printer Management by AMR
Summary
Path traversal vulnerability in the AMR Printer Management 1.01 Beta web service, which allows remote attackers to read arbitrary files from the underlying Windows system by using specially crafted path traversal sequences in requests directed to the web management service. The service is accessible without authentication and runs with elevated privileges, amplifying the impact of the vulnerability. An attacker can exploit this condition to access sensitive and privileged files on the system using path traversal payloads. Successful exploitation of this vulnerability could lead to the unauthorized disclosure of internal system information, compromising the confidentiality of the affected environment.
Severity ?
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AMR | AMR Printer Management Beta web service |
Affected:
1.01
|
Date Public ?
2026-02-17 11:00
Credits
Daniel Damota Maldonado
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2464",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-18T14:46:02.401249Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-18T14:47:38.856Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AMR Printer Management Beta web service",
"vendor": "AMR",
"versions": [
{
"status": "affected",
"version": "1.01"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:amr:amr_printer_management_beta_web_service:1.01:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Daniel Damota Maldonado"
}
],
"datePublic": "2026-02-17T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Path traversal vulnerability in the AMR Printer Management 1.01 Beta web service, which allows remote attackers to read arbitrary files from the underlying Windows system by using specially crafted path traversal sequences in requests directed to the web management service. The service is accessible without authentication and runs with elevated privileges, amplifying the impact of the vulnerability. An attacker can exploit this condition to access sensitive and privileged files on the system using path traversal payloads. Successful exploitation of this vulnerability could lead to the unauthorized disclosure of internal system information, compromising the confidentiality of the affected environment."
}
],
"value": "Path traversal vulnerability in the AMR Printer Management 1.01 Beta web service, which allows remote attackers to read arbitrary files from the underlying Windows system by using specially crafted path traversal sequences in requests directed to the web management service. The service is accessible without authentication and runs with elevated privileges, amplifying the impact of the vulnerability. An attacker can exploit this condition to access sensitive and privileged files on the system using path traversal payloads. Successful exploitation of this vulnerability could lead to the unauthorized disclosure of internal system information, compromising the confidentiality of the affected environment."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-18T13:43:08.101Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/directory-traversal-amr-printer-management-amr"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The manufacturer claims to have fixed the vulnerability."
}
],
"value": "The manufacturer claims to have fixed the vulnerability."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Directory Traversal in AMR Printer Management by AMR",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2026-2464",
"datePublished": "2026-02-18T13:43:08.101Z",
"dateReserved": "2026-02-13T12:10:06.897Z",
"dateUpdated": "2026-02-18T14:47:38.856Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-59920 (GCVE-0-2025-59920)
Vulnerability from cvelistv5 – Published: 2026-02-18 13:41 – Updated: 2026-02-18 14:06
VLAI?
Title
SQL injection in time@work from systems@work
Summary
When hours are entered in time@work, version 7.0.5, it performs a query to display the projects assigned to the user. If the query URL is copied and opened in a new browser window, the ‘IDClient’ parameter is vulnerable to a blind authenticated SQL injection. If the request is made with the TWAdmin user with the sysadmin role enabled, exploiting the vulnerability will allow commands to be executed on the system; if the user does not belong to the sysadmin role, they will still be able to query data from the database.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| systems at work | time at work |
Affected:
7.0.5
|
Date Public ?
2026-02-13 11:00
Credits
Enrique Fernández Lorenzo (Bighound)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59920",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-18T14:06:10.827511Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-18T14:06:31.380Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "time at work",
"vendor": "systems at work",
"versions": [
{
"status": "affected",
"version": "7.0.5"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:systems_at_work:time_at_work:7.0.5:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Enrique Fern\u00e1ndez Lorenzo (Bighound)"
}
],
"datePublic": "2026-02-13T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "When hours are entered in time@work, version 7.0.5, it performs a query to display the projects assigned to the user. If the query URL is copied and opened in a new browser window, the \u2018IDClient\u2019 parameter is vulnerable to a blind authenticated SQL injection. If the request is made with the TWAdmin user with the sysadmin role enabled, exploiting the vulnerability will allow commands to be executed on the system; if the user does not belong to the sysadmin role, they will still be able to query data from the database."
}
],
"value": "When hours are entered in time@work, version 7.0.5, it performs a query to display the projects assigned to the user. If the query URL is copied and opened in a new browser window, the \u2018IDClient\u2019 parameter is vulnerable to a blind authenticated SQL injection. If the request is made with the TWAdmin user with the sysadmin role enabled, exploiting the vulnerability will allow commands to be executed on the system; if the user does not belong to the sysadmin role, they will still be able to query data from the database."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-18T13:41:02.115Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/sql-injection-timework-systemswork"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vulnerability has been fixed by the systems@work team in version 8.0.4.\u003cbr\u003e"
}
],
"value": "The vulnerability has been fixed by the systems@work team in version 8.0.4."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "SQL injection in time@work from systems@work",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2025-59920",
"datePublished": "2026-02-18T13:41:02.115Z",
"dateReserved": "2025-09-23T10:24:23.469Z",
"dateUpdated": "2026-02-18T14:06:31.380Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1441 (GCVE-0-2026-1441)
Vulnerability from cvelistv5 – Published: 2026-02-18 13:14 – Updated: 2026-02-18 14:12
VLAI?
Title
Reflected Cross-Site Scripting (XSS) vulnerability in Graylog Web Interface
Summary
Reflected Cross-Site Scripting (XSS) vulnerability in the Graylog Web Interface console, version 2.2.3, caused by a lack of proper sanitization and escaping in HTML output. Several endpoints include segments of the URL directly in the response without applying output encoding, allowing an attacker to inject and execute arbitrary JavaScript code when a user visits a specially crafted URL. Exploitation of this vulnerability may allow script execution in the victim's browser and limited manipulation of the affected user's session context, through the '/system/index_sets/' endpoint.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Graylog | Graylog Web Interface |
Affected:
2.2.3
|
Date Public ?
2026-02-17 11:00
Credits
Julen Garrido Estévez (B3xal)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1441",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-18T14:11:47.357581Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-18T14:12:52.186Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Graylog Web Interface",
"vendor": "Graylog",
"versions": [
{
"status": "affected",
"version": "2.2.3"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:graylog:graylog_web_interface:2.2.3:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Julen Garrido Est\u00e9vez (B3xal)"
}
],
"datePublic": "2026-02-17T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Reflected Cross-Site Scripting (XSS) vulnerability in the Graylog Web Interface console, version 2.2.3, caused by a lack of proper sanitization and escaping in HTML output. Several endpoints include segments of the URL directly in the response without applying output encoding, allowing an attacker to inject and execute arbitrary JavaScript code when a user visits a specially crafted URL. Exploitation of this vulnerability may allow script execution in the victim\u0027s browser and limited manipulation of the affected user\u0027s session context, through the\u0026nbsp; \u0027/\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003esystem/index_sets\u003c/span\u003e/\u0027 endpoint."
}
],
"value": "Reflected Cross-Site Scripting (XSS) vulnerability in the Graylog Web Interface console, version 2.2.3, caused by a lack of proper sanitization and escaping in HTML output. Several endpoints include segments of the URL directly in the response without applying output encoding, allowing an attacker to inject and execute arbitrary JavaScript code when a user visits a specially crafted URL. Exploitation of this vulnerability may allow script execution in the victim\u0027s browser and limited manipulation of the affected user\u0027s session context, through the\u00a0 \u0027/system/index_sets/\u0027 endpoint."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-18T13:14:11.570Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-graylog"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "It is recommended to update the software to the latest version, where the vulnerability described has already been mitigated. For the affected version, the vulnerability is not mitigated, as the manufacturer considers all versions prior to the current one to be obsolete.\u003cbr\u003e"
}
],
"value": "It is recommended to update the software to the latest version, where the vulnerability described has already been mitigated. For the affected version, the vulnerability is not mitigated, as the manufacturer considers all versions prior to the current one to be obsolete."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Reflected Cross-Site Scripting (XSS) vulnerability in Graylog Web Interface",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2026-1441",
"datePublished": "2026-02-18T13:14:11.570Z",
"dateReserved": "2026-01-26T13:21:06.202Z",
"dateUpdated": "2026-02-18T14:12:52.186Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1440 (GCVE-0-2026-1440)
Vulnerability from cvelistv5 – Published: 2026-02-18 13:13 – Updated: 2026-02-18 14:14
VLAI?
Title
Reflected Cross-Site Scripting (XSS) vulnerability in Graylog Web Interface
Summary
Reflected Cross-Site Scripting (XSS) vulnerability in the Graylog Web Interface console, version 2.2.3, caused by a lack of proper sanitization and escaping in HTML output. Several endpoints include segments of the URL directly in the response without applying output encoding, allowing an attacker to inject and execute arbitrary JavaScript code when a user visits a specially crafted URL. Exploitation of this vulnerability may allow script execution in the victim's browser and limited manipulation of the affected user's session context, through the '/system/pipelines/' endpoint.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Graylog | Graylog Web Interface |
Affected:
2.2.3
|
Date Public ?
2026-02-17 11:00
Credits
Julen Garrido Estévez (B3xal)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1440",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-18T14:14:13.537048Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-18T14:14:32.131Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Graylog Web Interface",
"vendor": "Graylog",
"versions": [
{
"status": "affected",
"version": "2.2.3"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:graylog:graylog_web_interface:2.2.3:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Julen Garrido Est\u00e9vez (B3xal)"
}
],
"datePublic": "2026-02-17T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Reflected Cross-Site Scripting (XSS) vulnerability in the Graylog Web Interface console, version 2.2.3, caused by a lack of proper sanitization and escaping in HTML output. Several endpoints include segments of the URL directly in the response without applying output encoding, allowing an attacker to inject and execute arbitrary JavaScript code when a user visits a specially crafted URL. Exploitation of this vulnerability may allow script execution in the victim\u0027s browser and limited manipulation of the affected user\u0027s session context, through the\u0026nbsp; \u0027/\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003esystem/pipelines\u003c/span\u003e/\u0027 endpoint."
}
],
"value": "Reflected Cross-Site Scripting (XSS) vulnerability in the Graylog Web Interface console, version 2.2.3, caused by a lack of proper sanitization and escaping in HTML output. Several endpoints include segments of the URL directly in the response without applying output encoding, allowing an attacker to inject and execute arbitrary JavaScript code when a user visits a specially crafted URL. Exploitation of this vulnerability may allow script execution in the victim\u0027s browser and limited manipulation of the affected user\u0027s session context, through the\u00a0 \u0027/system/pipelines/\u0027 endpoint."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-18T13:13:51.933Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-graylog"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "It is recommended to update the software to the latest version, where the vulnerability described has already been mitigated. For the affected version, the vulnerability is not mitigated, as the manufacturer considers all versions prior to the current one to be obsolete.\u003cbr\u003e"
}
],
"value": "It is recommended to update the software to the latest version, where the vulnerability described has already been mitigated. For the affected version, the vulnerability is not mitigated, as the manufacturer considers all versions prior to the current one to be obsolete."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Reflected Cross-Site Scripting (XSS) vulnerability in Graylog Web Interface",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2026-1440",
"datePublished": "2026-02-18T13:13:51.933Z",
"dateReserved": "2026-01-26T13:21:04.811Z",
"dateUpdated": "2026-02-18T14:14:32.131Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1439 (GCVE-0-2026-1439)
Vulnerability from cvelistv5 – Published: 2026-02-18 13:13 – Updated: 2026-02-18 14:15
VLAI?
Title
Reflected Cross-Site Scripting (XSS) vulnerability in Graylog Web Interface
Summary
Reflected Cross-Site Scripting (XSS) vulnerability in the Graylog Web Interface console, version 2.2.3, caused by a lack of proper sanitization and escaping in HTML output. Several endpoints include segments of the URL directly in the response without applying output encoding, allowing an attacker to inject and execute arbitrary JavaScript code when a user visits a specially crafted URL. Exploitation of this vulnerability may allow script execution in the victim's browser and limited manipulation of the affected user's session context, through the '/
alerts
/' endpoint.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Graylog | Graylog Web Interface |
Affected:
2.2.3
|
Date Public ?
2026-02-17 11:00
Credits
Julen Garrido Estévez (B3xal)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1439",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-18T14:15:28.375329Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-18T14:15:43.904Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Graylog Web Interface",
"vendor": "Graylog",
"versions": [
{
"status": "affected",
"version": "2.2.3"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:graylog:graylog_web_interface:2.2.3:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Julen Garrido Est\u00e9vez (B3xal)"
}
],
"datePublic": "2026-02-17T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Reflected Cross-Site Scripting (XSS) vulnerability in the Graylog Web Interface console, version 2.2.3, caused by a lack of proper sanitization and escaping in HTML output. Several endpoints include segments of the URL directly in the response without applying output encoding, allowing an attacker to inject and execute arbitrary JavaScript code when a user visits a specially crafted URL. Exploitation of this vulnerability may allow script execution in the victim\u0027s browser and limited manipulation of the affected user\u0027s session context, through the\u0026nbsp; \u0027/\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ealerts\u003c/span\u003e\n\n/\u0027 endpoint."
}
],
"value": "Reflected Cross-Site Scripting (XSS) vulnerability in the Graylog Web Interface console, version 2.2.3, caused by a lack of proper sanitization and escaping in HTML output. Several endpoints include segments of the URL directly in the response without applying output encoding, allowing an attacker to inject and execute arbitrary JavaScript code when a user visits a specially crafted URL. Exploitation of this vulnerability may allow script execution in the victim\u0027s browser and limited manipulation of the affected user\u0027s session context, through the\u00a0 \u0027/\n\nalerts\n\n/\u0027 endpoint."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-18T13:13:36.893Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-graylog"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "It is recommended to update the software to the latest version, where the vulnerability described has already been mitigated. For the affected version, the vulnerability is not mitigated, as the manufacturer considers all versions prior to the current one to be obsolete.\u003cbr\u003e"
}
],
"value": "It is recommended to update the software to the latest version, where the vulnerability described has already been mitigated. For the affected version, the vulnerability is not mitigated, as the manufacturer considers all versions prior to the current one to be obsolete."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Reflected Cross-Site Scripting (XSS) vulnerability in Graylog Web Interface",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2026-1439",
"datePublished": "2026-02-18T13:13:36.893Z",
"dateReserved": "2026-01-26T13:21:03.762Z",
"dateUpdated": "2026-02-18T14:15:43.904Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1438 (GCVE-0-2026-1438)
Vulnerability from cvelistv5 – Published: 2026-02-18 13:13 – Updated: 2026-02-18 14:16
VLAI?
Title
Reflected Cross-Site Scripting (XSS) vulnerability in Graylog Web Interface
Summary
Reflected Cross-Site Scripting (XSS) vulnerability in the Graylog Web Interface console, version 2.2.3, caused by a lack of proper sanitization and escaping in HTML output. Several endpoints include segments of the URL directly in the response without applying output encoding, allowing an attacker to inject and execute arbitrary JavaScript code when a user visits a specially crafted URL. Exploitation of this vulnerability may allow script execution in the victim's browser and limited manipulation of the affected user's session context, through the '/system/nodes/' endpoint.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Graylog | Graylog Web Interface |
Affected:
2.2.3
|
Date Public ?
2026-02-17 11:00
Credits
Julen Garrido Estévez (B3xal)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1438",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-18T14:16:14.812623Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-18T14:16:24.178Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Graylog Web Interface",
"vendor": "Graylog",
"versions": [
{
"status": "affected",
"version": "2.2.3"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:graylog:graylog_web_interface:2.2.3:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Julen Garrido Est\u00e9vez (B3xal)"
}
],
"datePublic": "2026-02-17T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Reflected Cross-Site Scripting (XSS) vulnerability in the Graylog Web Interface console, version 2.2.3, caused by a lack of proper sanitization and escaping in HTML output. Several endpoints include segments of the URL directly in the response without applying output encoding, allowing an attacker to inject and execute arbitrary JavaScript code when a user visits a specially crafted URL. Exploitation of this vulnerability may allow script execution in the victim\u0027s browser and limited manipulation of the affected user\u0027s session context, through the\u0026nbsp; \u0027/system/nodes/\u0027 endpoint."
}
],
"value": "Reflected Cross-Site Scripting (XSS) vulnerability in the Graylog Web Interface console, version 2.2.3, caused by a lack of proper sanitization and escaping in HTML output. Several endpoints include segments of the URL directly in the response without applying output encoding, allowing an attacker to inject and execute arbitrary JavaScript code when a user visits a specially crafted URL. Exploitation of this vulnerability may allow script execution in the victim\u0027s browser and limited manipulation of the affected user\u0027s session context, through the\u00a0 \u0027/system/nodes/\u0027 endpoint."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-18T13:13:23.498Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-graylog"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "It is recommended to update the software to the latest version, where the vulnerability described has already been mitigated. For the affected version, the vulnerability is not mitigated, as the manufacturer considers all versions prior to the current one to be obsolete.\u003cbr\u003e"
}
],
"value": "It is recommended to update the software to the latest version, where the vulnerability described has already been mitigated. For the affected version, the vulnerability is not mitigated, as the manufacturer considers all versions prior to the current one to be obsolete."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Reflected Cross-Site Scripting (XSS) vulnerability in Graylog Web Interface",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2026-1438",
"datePublished": "2026-02-18T13:13:23.498Z",
"dateReserved": "2026-01-26T13:21:01.828Z",
"dateUpdated": "2026-02-18T14:16:24.178Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1437 (GCVE-0-2026-1437)
Vulnerability from cvelistv5 – Published: 2026-02-18 13:12 – Updated: 2026-02-18 14:18
VLAI?
Title
Reflected Cross-Site Scripting (XSS) vulnerability in Graylog Web Interface
Summary
Reflected Cross-Site Scripting (XSS) vulnerability in the Graylog Web Interface console, version 2.2.3, caused by a lack of proper sanitization and escaping in HTML output. Several endpoints include segments of the URL directly in the response without applying output encoding, allowing an attacker to inject and execute arbitrary JavaScript code when a user visits a specially crafted URL. Exploitation of this vulnerability may allow script execution in the victim's browser and limited manipulation of the affected user's session context, through the '/system/authentication/users/edit/' endpoint.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Graylog | Graylog Web Interface |
Affected:
2.2.3
|
Date Public ?
2026-02-17 11:00
Credits
Julen Garrido Estévez (B3xal)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1437",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-18T14:18:16.140386Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-18T14:18:50.657Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Graylog Web Interface",
"vendor": "Graylog",
"versions": [
{
"status": "affected",
"version": "2.2.3"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:graylog:graylog_web_interface:2.2.3:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Julen Garrido Est\u00e9vez (B3xal)"
}
],
"datePublic": "2026-02-17T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Reflected Cross-Site Scripting (XSS) vulnerability in the Graylog Web Interface console, version 2.2.3, caused by a lack of proper sanitization and escaping in HTML output. Several endpoints include segments of the URL directly in the response without applying output encoding, allowing an attacker to inject and execute arbitrary JavaScript code when a user visits a specially crafted URL. Exploitation of this vulnerability may allow script execution in the victim\u0027s browser and limited manipulation of the affected user\u0027s session context, through the\u0026nbsp;\u0027/system/authentication/users/edit/\u0027 endpoint."
}
],
"value": "Reflected Cross-Site Scripting (XSS) vulnerability in the Graylog Web Interface console, version 2.2.3, caused by a lack of proper sanitization and escaping in HTML output. Several endpoints include segments of the URL directly in the response without applying output encoding, allowing an attacker to inject and execute arbitrary JavaScript code when a user visits a specially crafted URL. Exploitation of this vulnerability may allow script execution in the victim\u0027s browser and limited manipulation of the affected user\u0027s session context, through the\u00a0\u0027/system/authentication/users/edit/\u0027 endpoint."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-18T13:12:57.904Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-graylog"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "It is recommended to update the software to the latest version, where the vulnerability described has already been mitigated. For the affected version, the vulnerability is not mitigated, as the manufacturer considers all versions prior to the current one to be obsolete.\u003cbr\u003e"
}
],
"value": "It is recommended to update the software to the latest version, where the vulnerability described has already been mitigated. For the affected version, the vulnerability is not mitigated, as the manufacturer considers all versions prior to the current one to be obsolete."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Reflected Cross-Site Scripting (XSS) vulnerability in Graylog Web Interface",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2026-1437",
"datePublished": "2026-02-18T13:12:57.904Z",
"dateReserved": "2026-01-26T13:21:00.860Z",
"dateUpdated": "2026-02-18T14:18:50.657Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1436 (GCVE-0-2026-1436)
Vulnerability from cvelistv5 – Published: 2026-02-18 13:09 – Updated: 2026-02-18 14:19
VLAI?
Title
Improper Access Control (IDOR) vulnerability in Graylog Web Interface
Summary
Improper Access Control (IDOR) in the Graylog API, version 2.2.3, which occurs when modifying the user ID in the URL. An authenticated user can access other user's profiles without proper authorization checks. Exploiting this vulnerability allows valid users of the system to be listed and sensitive third-party information to be accessed, such as names, email addresses, internal identifiers, and last activity. The endpoint 'http://<IP>:12900/users/<my_user>' does not implement object-level authorization validations.
Severity ?
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Graylog | Graylog Web Interface |
Affected:
2.2.3
|
Date Public ?
2026-02-17 11:00
Credits
Julen Garrido Estévez (B3xal)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1436",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-18T14:19:25.627419Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-18T14:19:37.438Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Graylog Web Interface",
"vendor": "Graylog",
"versions": [
{
"status": "affected",
"version": "2.2.3"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:graylog:graylog_web_interface:2.2.3:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Julen Garrido Est\u00e9vez (B3xal)"
}
],
"datePublic": "2026-02-17T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Access Control (IDOR) in the Graylog API, version 2.2.3, which occurs when modifying the user ID in the URL. An authenticated user can access other user\u0027s profiles without proper authorization checks. Exploiting this vulnerability allows valid users of the system to be listed and sensitive third-party information to be accessed, such as names, email addresses, internal identifiers, and last activity. The endpoint \u0027http://\u0026lt;IP\u0026gt;:12900/users/\u0026lt;my_user\u0026gt;\u0027 does not implement object-level authorization validations."
}
],
"value": "Improper Access Control (IDOR) in the Graylog API, version 2.2.3, which occurs when modifying the user ID in the URL. An authenticated user can access other user\u0027s profiles without proper authorization checks. Exploiting this vulnerability allows valid users of the system to be listed and sensitive third-party information to be accessed, such as names, email addresses, internal identifiers, and last activity. The endpoint \u0027http://\u003cIP\u003e:12900/users/\u003cmy_user\u003e\u0027 does not implement object-level authorization validations."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-18T13:11:34.044Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-graylog"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "It is recommended to update the software to the latest version, where the vulnerability described has already been mitigated. For the affected version, the vulnerability is not mitigated, as the manufacturer considers all versions prior to the current one to be obsolete.\u003cbr\u003e"
}
],
"value": "It is recommended to update the software to the latest version, where the vulnerability described has already been mitigated. For the affected version, the vulnerability is not mitigated, as the manufacturer considers all versions prior to the current one to be obsolete."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Improper Access Control (IDOR) vulnerability in Graylog Web Interface",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2026-1436",
"datePublished": "2026-02-18T13:09:35.443Z",
"dateReserved": "2026-01-26T13:20:07.838Z",
"dateUpdated": "2026-02-18T14:19:37.438Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1435 (GCVE-0-2026-1435)
Vulnerability from cvelistv5 – Published: 2026-02-18 13:08 – Updated: 2026-02-18 20:24
VLAI?
Title
Incorrect management of session invalidation vulnerability in Graylog Web Interface
Summary
Not properly invalidated session vulnerability in Graylog Web Interface, version 2.2.3, due to incorrect management of session invalidation after new logins. The application generates a new 'sessionId' each time a user authenticates, but does not invalidate previously issued session identifiers, which remain valid even after multiple consecutive logins by the same user. As a result, a stolen or leaked 'sessionId' can continue to be used to authenticate valid requests. Exploiting this vulnerability would allow an attacker with access to the web service/API network (port 9000 or HTTP/S endpoint of the server) to reuse an old session token to gain unauthorized access to the application, interact with the API/web, and compromise the integrity of the affected account.
Severity ?
CWE
- CWE-613 - Insufficient Session Expiration
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Graylog | Graylog Web Interface |
Affected:
2.2.3
|
Date Public ?
2026-02-17 11:00
Credits
Julen Garrido Estévez (B3xal)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1435",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-18T20:24:23.637951Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-18T20:24:40.349Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Graylog Web Interface",
"vendor": "Graylog",
"versions": [
{
"status": "affected",
"version": "2.2.3"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:graylog:graylog_web_interface:2.2.3:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Julen Garrido Est\u00e9vez (B3xal)"
}
],
"datePublic": "2026-02-17T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Not properly invalidated session vulnerability in Graylog Web Interface, version 2.2.3, due to incorrect management of session invalidation after new logins. The application generates a new \u0027sessionId\u0027 each time a user authenticates, but does not invalidate previously issued session identifiers, which remain valid even after multiple consecutive logins by the same user. As a result, a stolen or leaked \u0027sessionId\u0027 can continue to be used to authenticate valid requests. Exploiting this vulnerability would allow an attacker with access to the web service/API network (port 9000 or HTTP/S endpoint of the server) to reuse an old session token to gain unauthorized access to the application, interact with the API/web, and compromise the integrity of the affected account."
}
],
"value": "Not properly invalidated session vulnerability in Graylog Web Interface, version 2.2.3, due to incorrect management of session invalidation after new logins. The application generates a new \u0027sessionId\u0027 each time a user authenticates, but does not invalidate previously issued session identifiers, which remain valid even after multiple consecutive logins by the same user. As a result, a stolen or leaked \u0027sessionId\u0027 can continue to be used to authenticate valid requests. Exploiting this vulnerability would allow an attacker with access to the web service/API network (port 9000 or HTTP/S endpoint of the server) to reuse an old session token to gain unauthorized access to the application, interact with the API/web, and compromise the integrity of the affected account."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613 Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-18T13:08:36.348Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-graylog"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "It is recommended to update the software to the latest version, where the vulnerability described has already been mitigated. For the affected version, the vulnerability is not mitigated, as the manufacturer considers all versions prior to the current one to be obsolete.\u003cbr\u003e"
}
],
"value": "It is recommended to update the software to the latest version, where the vulnerability described has already been mitigated. For the affected version, the vulnerability is not mitigated, as the manufacturer considers all versions prior to the current one to be obsolete."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Incorrect management of session invalidation vulnerability in Graylog Web Interface",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2026-1435",
"datePublished": "2026-02-18T13:08:36.348Z",
"dateReserved": "2026-01-26T13:20:06.891Z",
"dateUpdated": "2026-02-18T20:24:40.349Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}