CVE-2026-3951 | LockerProject Locker 0.0.0/0.0.1/0.1.0 Error Response registry.js authIsAwesome ID cross site scripting (Issue 963)

A vulnerability was found in LockerProject Locker 0.0.0/0.0.1/0.1.0 and classified as problematic. Affected is the function authIsAwesome of the file source-code/Locker-master/Ops/registry.js of the component Error Response Handler. The manipulation of the argument ID results in cross site scripting.

This vulnerability is reported as CVE-2026-3951. The attack can be launched remotely. Moreover, an exploit is present.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-3951 | LockerProject Locker 0.0.0/0.0.1/0.1.0 Error Response registry.js authIsAwesome ID cross site scripting (Issue 963)

Post correlati

CVE-2024-6305 | WordPress up to 6.5.4 on WordPress Template Part Block cross site scripting (ID 58471)

CVE-2023-28815 | Hikvision iSecure Center command injection

CVE-2023-40110 | Google Android 11/12/12L/13/14 MtpPacket.cpp out-of-bounds write

CVE-2024-9210 | MC4WP Plugin up to 1.6.0 on WordPress cross site scripting