CVE-2026-32139 | Dataease up to 2.10.19 Static Resource Upload Interface cross site scripting (GHSA-wx8m-vf8v-crvr)

Inserito da Angelo Barbosa | Mar 12, 2026 | CVE

A vulnerability was found in Dataease up to 2.10.19. It has been classified as problematic. Affected by this issue is some unknown functionality of the component Static Resource Upload Interface. The manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2026-32139. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is recommended.

CVE-2026-32139 | Dataease up to 2.10.19 Static Resource Upload Interface cross site scripting (GHSA-wx8m-vf8v-crvr)

Post correlati

CVE-2024-21749 | Atakan Au 1 click disable all Plugin up to 1.0.1 on WordPress cross-site request forgery

CVE-2024-1500 | Royal Elementor Addons and Templates Plugin up to 1.3.91 on WordPress Logo Widget cross site scripting

CVE-2025-60749 | Trimble SketchUp Desktop 2025 sketchup_webhelper.exe uncontrolled search path

CVE-2024-11654 | EnGenius ENH1350EXT/ENS500-AC/ENS620EXT up to 20241118 diag_traceroute6 command injection