CVE-2026-10234 | Mettle sendportal up to 3.0.1 Campaign /webview/ content cross site scripting (Issue 338)

Inserito da Angelo Barbosa | Mag 31, 2026 | CVE

A vulnerability described as problematic has been identified in Mettle sendportal up to 3.0.1. This affects an unknown part of the file /webview/ of the component Campaign Handler. The manipulation of the argument content results in cross site scripting.

This vulnerability is reported as CVE-2026-10234. The attack can be launched remotely. Moreover, an exploit is present.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-10234 | Mettle sendportal up to 3.0.1 Campaign /webview/ content cross site scripting (Issue 338)

Post correlati

CVE-2023-48664 | Dell vApp Manager prior 9.2.4.x os command injection (dsa-2023-443)

CVE-2024-6766 | WP-FeedStats shortcodes-ultimate-pro Plugin up to 7.2.0 on WordPress Shortcode Attribute cross site scripting

CVE-2025-7790 | D-Link DI-8100 16.07.26A1 HTTP Request /menu_nat.asp out_addr/in_addr/out_port/proto stack-based overflow

CVE-2024-22432 | Dell NetWorker Module for Databases and Applications up to 19.9.0.3 Database Backup credentials storage (dsa-2024-059)