CVE-2026-35466 | CERTCC cveClient up to 1.0.23 CVE API Service cveInterface.js cross site scripting

Inserito da Angelo Barbosa | Apr 2, 2026 | CVE

A vulnerability identified as problematic has been detected in CERTCC cveClient up to 1.0.23. Affected is an unknown function of the file cveInterface.js of the component CVE API Service Handler. Performing a manipulation results in cross site scripting.

This vulnerability is known as CVE-2026-35466. Remote exploitation of the attack is possible. No exploit is available.

You should upgrade the affected component.

CVE-2026-35466 | CERTCC cveClient up to 1.0.23 CVE API Service cveInterface.js cross site scripting

Post correlati

CVE-2025-21101 | Dell Display Manager up to 2.3.2.19 Installation race condition (dsa-2025-033)

CVE-2023-52381 | Huawei HarmonyOS/EMUI Email Module code injection

CVE-2025-10628 | D-Link DIR-852 1.00CN B09 Web Management Interface hedwig.cgi command injection

CVE-2025-14183 | SGAI Space1 NAS N1211DS up to 1.0.915 gsaiagent /cgi-bin/JSONAPI GET_FACTORY_INFO/GET_USER_INFO credentials storage