CVE-2026-26377 | Koha up to 25.11 News cross site scripting

Inserito da Angelo Barbosa | Mar 5, 2026 | CVE

A vulnerability marked as problematic has been reported in Koha up to 25.11. The impacted element is an unknown function of the component News. This manipulation causes cross site scripting.

This vulnerability appears as CVE-2026-26377. The attack may be initiated remotely. There is no available exploit.

CVE-2026-26377 | Koha up to 25.11 News cross site scripting

Post correlati

CVE-2025-22873 | Google Go up to 1.23.8/1.24.2 src/os/root.go path traversal (Issue 73555)

CVE-2024-41702 | SiberianCMS 5.0.8 sql injection

CVE-2025-61976 | Inaba Denki Sangyo CHOCO TEI WATCHER mini Video Download Interface unusual condition

CVE-2024-47104 | IBM i 7.4/7.5 Physical File Security Attributes permission assignment