CVE-2026-26378 | Koha up to 25.11 Invoice Feature cross site scripting

Inserito da Angelo Barbosa | Giu 3, 2026 | CVE

A vulnerability was found in Koha up to 25.11. It has been classified as problematic. Impacted is an unknown function of the component Invoice Feature. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2026-26378. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2026-26378 | Koha up to 25.11 Invoice Feature cross site scripting

Post correlati

CVE-2024-50599 | Synacor Zimbra Collaboration Suite 8.8.15 Webmail Calendar Endpoint cross site scripting

CVE-2024-34067 | Pterodactyl Panel up to 1.11.5 cross site scripting

CVE-2025-64134 | JDepend Plugin up to 1.3.1 on Jenkins XML Parser xml external entity reference

CVE-2023-5653 | WassUp Real Time Analytics Plugin up to 1.9.4.5 on WordPress IP Address cross site scripting