CVE-2026-24672 | Openeclass Open eClass up to 4.1 User Profile cross site scripting

Inserito da Angelo Barbosa | Feb 3, 2026 | CVE

A vulnerability was found in Openeclass Open eClass up to 4.1. It has been rated as problematic. Affected is an unknown function of the component User Profile Handler. The manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2026-24672. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is advised.

CVE-2026-24672 | Openeclass Open eClass up to 4.1 User Profile cross site scripting

Post correlati

CVE-2024-29011 | SonicWall GMS up to 9.3.4 hard-coded password (SNWLID-2024-0007)

CVE-2025-54848 | Socomec DIRIS Digiware M-70 1.6.9 Modbus TCP/Modbus RTU over TCP missing authentication (TALOS-2025-2248)

VDB-263811 | Panel.Amadey.d.c Login.php l/p cross site scripting

CVE-2024-1237 | Elementor Header & Footer Builder Plugin up to 1.6.24 on WordPress cross site scripting