CVE-2026-27458 | Kovah LinkAce up to 2.4.2 XML CDATA Section /lists/feed cross site scripting (GHSA-2r9p-95xj-p583)

Inserito da Angelo Barbosa | Feb 21, 2026 | CVE

A vulnerability labeled as problematic has been found in Kovah LinkAce up to 2.4.2. This affects an unknown part of the file /lists/feed of the component XML CDATA Section Handler. Such manipulation leads to basic cross site scripting.

This vulnerability is traded as CVE-2026-27458. The attack may be launched remotely. There is no exploit available.

The affected component should be upgraded.

CVE-2026-27458 | Kovah LinkAce up to 2.4.2 XML CDATA Section /lists/feed cross site scripting (GHSA-2r9p-95xj-p583)

Post correlati

CVE-2025-33191 | NVIDIA DGX Spark GB10 SROOT Firmware denial of service

CVE-2023-50778 | PaaSLane Estimate Plugin up to 1.0.4 on Jenkins cross-site request forgery

CVE-2024-5380 | jsy-1 short-url 1.0.0 admin.php cross site scripting (I8UP2A)

CVE-2022-48578 | Apple macOS up to 12.4 AppleScript out-of-bounds (HT213345)