CVE-2026-1151 | technical-laohu mpay up to 1.2.4 User Center Nickname cross site scripting

Inserito da Angelo Barbosa | Gen 18, 2026 | CVE

A vulnerability has been found in technical-laohu mpay up to 1.2.4 and classified as problematic. The affected element is an unknown function of the component User Center. This manipulation of the argument Nickname causes cross site scripting.

This vulnerability appears as CVE-2026-1151. The attack may be initiated remotely. In addition, an exploit is available.

CVE-2026-1151 | technical-laohu mpay up to 1.2.4 User Center Nickname cross site scripting

Post correlati

CVE-2025-1162 | code-projects Job Recruitment 1.0 load_user-profile.php userhash sql injection

CVE-2024-51465 | IBM App Connect Enterprise Certified Container up to 12.3 Request os command injection

CVE-2024-34211 | Totolink CP450 4.1.0cu.747_B20191224 /etc/shadow.sample hard-coded password

CVE-2025-51488 | MoonShine 3.12.3 Name cross site scripting