CVE-2026-25529 | postalserver postal up to 3.3.4 Admin Interface cross site scripting

Inserito da Angelo Barbosa | Mar 12, 2026 | CVE

A vulnerability classified as problematic was found in postalserver postal up to 3.3.4. Affected by this issue is some unknown functionality of the component Admin Interface. Such manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2026-25529. The attack may be launched remotely. There is no exploit available.

Upgrading the affected component is advised.

CVE-2026-25529 | postalserver postal up to 3.3.4 Admin Interface cross site scripting

Post correlati

CVE-2023-37407 | IBM Aspera Orchestrator 4.0.1 Request os command injection (XFDB-260116)

CVE-2024-9797 | code-projects Blood Bank System 1.0 register.php user sql injection

CVE-2021-34966 | Foxit PDF Editor 11.0.0.49893 FileAttachment Annotation use after free (ZDI-21-1197)

CVE-2023-50168 | Pegasystems Pega Platform up to 8.8.4 PDF Generation xml external entity reference