CVE-2026-38935 | diskover-community up to 2.3.5 public/view.php doctype cross site scripting

Inserito da Angelo Barbosa | Apr 27, 2026 | CVE

A vulnerability described as problematic has been identified in diskover-community up to 2.3.5. Affected by this vulnerability is an unknown functionality of the file public/view.php. Executing a manipulation of the argument doctype can lead to cross site scripting.

The identification of this vulnerability is CVE-2026-38935. The attack may be launched remotely. There is no exploit available.

CVE-2026-38935 | diskover-community up to 2.3.5 public/view.php doctype cross site scripting

Post correlati

CVE-2024-30289 | Adobe Framemaker up to 2020.5/2022.3 stack-based overflow (apsb24-37)

CVE-2025-10851 | Campcodes Gym Management System 1.0 /ajax.php?action=login Username sql injection

CVE-2022-49389 | Linux Kernel up to 5.18.3 stub_probe path traversal

CVE-2024-4318 | Tutor LMS Plugin up to 2.7.0 on WordPress sql injection