CVE-2026-4626
⚪ Do wiadomości
Wstrzyknięcie skryptów w Lawyer Management System umożliwia atak XSS zdalnie.
CVSS
3.5
EPSS
0.0%
Exploit
none
Vendor
Opis źródłowy (NVD)
A vulnerability has been found in projectworlds Lawyer Management System 1.0. This impacts an unknown function of the file /lawyer_booking.php. The manipulation of the argument Description leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
xss
Brak patcha
Źródła i daty
| Źródło | Wartość |
|---|---|
| NVD – CVSS | 3.5 |
| CISA KEV (aktywnie wykorzystywane) | Nie |
| FIRST EPSS (prawdopodobieństwo exploita) | 0.0% |
| Opublikowano (NVD) | 2026-03-24 04:17:25 UTC |
| Ostatnia modyfikacja (NVD) | 2026-03-24 15:53:48 UTC |
Referencje
- https://github.com/eqiya17/collection-of-vulnerability/issues/2 (cna@vuldb.com)
- https://vuldb.com/?ctiid.352494 (cna@vuldb.com)
- https://vuldb.com/?id.352494 (cna@vuldb.com)
- https://vuldb.com/?submit.775791 (cna@vuldb.com)