CVE-2026-8262 | Devs Palace ERP Online up to 4.0.0 /accounts/chart-save cross site scripting

Inserito da Angelo Barbosa | Mag 10, 2026 | CVE

A vulnerability classified as problematic was found in Devs Palace ERP Online up to 4.0.0. This impacts an unknown function of the file /accounts/chart-save. Such manipulation leads to cross site scripting.

This vulnerability is listed as CVE-2026-8262. The attack may be performed from remote. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-8262 | Devs Palace ERP Online up to 4.0.0 /accounts/chart-save cross site scripting

Post correlati

CVE-2024-53747 | NuttTaro Video Player for WPBakery Plugin up to 1.0.1 on WordPress cross site scripting

CVE-2025-50201 | LabRedesCefetRJ WeGIA up to 3.4.1 debug_info.php branch os command injection (GHSA-52p5-5fmw-9hrf)

CVE-2025-11425 | projectworlds Advanced Library Management System 1.0 /edit_admin.php firstname cross site scripting

CVE-2023-48810 | Totolink X6000R 9.4.0cu.852_B20230719 shttpd sub_4119A0 Privilege Escalation