CVE-2026-8221 | Devs Palace ERP Online up to 4.0.0 /inventory/item-save cross site scripting

Inserito da Angelo Barbosa | Mag 9, 2026 | CVE

A vulnerability was found in Devs Palace ERP Online up to 4.0.0. It has been classified as problematic. This impacts an unknown function of the file /inventory/item-save. This manipulation causes cross site scripting.

This vulnerability is tracked as CVE-2026-8221. The attack is possible to be carried out remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-8221 | Devs Palace ERP Online up to 4.0.0 /inventory/item-save cross site scripting

Post correlati

CVE-2024-28102 | latchset jwcrypto up to 1.5.5 JWE Token Compression allocation of resources

CVE-2025-15608 | TP-Link AX53 prior 251029 stack-based overflow

CVE-2024-1396 | Averta Shortcodes and Extra Features for Phlox Theme up to 2.15.5 on WordPress title_tag cross site scripting

CVE-2024-40334 | idcCMS 1.35 serverFile_deal.php cross-site request forgery