CVE-2026-8256 | Devs Palace ERP Online up to 4.0.0 /accounts/mr-save cross site scripting

Inserito da Angelo Barbosa | Mag 10, 2026 | CVE

A vulnerability categorized as problematic has been discovered in Devs Palace ERP Online up to 4.0.0. This vulnerability affects unknown code of the file /accounts/mr-save. Such manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2026-8256. The attack can be launched remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-8256 | Devs Palace ERP Online up to 4.0.0 /accounts/mr-save cross site scripting

Post correlati

CVE-2021-47121 | Linux Kernel up to 5.12.9 caif caif_enroll_dev memory leak

CVE-2022-50543 | Linux Kernel up to 6.0.15/6.1.1 rxe_mr_cleanup double free

CVE-2026-6744 | Bagisto up to 2.3.15 Downloadable Link copy server-side request forgery

CVE-2024-36934 | Linux Kernel up to 6.8.9 bna memdup_user_nul null termination