CVE-2026-3041 | xingfuggz BaykeShop up to 1.3.20 Article Sidebar custom.html sidebar.content cross site scripting

A vulnerability classified as problematic was found in xingfuggz BaykeShop up to 1.3.20. Impacted is an unknown function of the file src/baykeshop/contrib/article/templates/baykeshop/sidebar/custom.html of the component Article Sidebar Module. Such manipulation of the argument sidebar.content leads to cross site scripting.

This vulnerability is documented as CVE-2026-3041. The attack can be executed remotely. Additionally, an exploit exists.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-3041 | xingfuggz BaykeShop up to 1.3.20 Article Sidebar custom.html sidebar.content cross site scripting

Post correlati

CVE-2025-68840 | iRobots.txt SEO Plugin up to 1.1.2 on WordPress cross site scripting

CVE-2024-38506 | JetBrains YouTrack up to 2024.1.29548 Auto-attach Option authorization

CVE-2025-15098 | YunaiV yudao-cloud up to 2025.11 Business Process Management BpmHttpCallbackTrigger/BpmSyncHttpRequestTrigger url/header/body server-side request forgery

CVE-2025-22846 | F5 BIG-IP/BIG-IP Next SPK prior 16.1.5/17.1.2 Traffic Management Microkernel denial of service (K000139780)