EUVD-2026-30279

🗓️ 14 May 2026 13:24:14Reported by EUVDType

Webcon BPS has a reflected cross site scripting flaw in openinmobileapp; fixed in 2026.1.3.109 and 2025.2.1.293.

Reporter	Title	Published	Views	Family All 9
ATTACKERKB	CVE-2026-1630	14 May 202613:24	–	attackerkb
Circl	CVE-2026-1630	14 May 202606:55	–	circl
CNNVD	WEBCON BPS 跨站脚本漏洞	14 May 202600:00	–	cnnvd
CVE	CVE-2026-1630	14 May 202613:24	–	cve
Cvelist	CVE-2026-1630 Reflected XSS in WEBCON BPS	14 May 202613:24	–	cvelist
NVD	CVE-2026-1630	14 May 202614:16	–	nvd
Positive Technologies	PT-2026-40916	14 May 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-1630	5 Jun 202619:34	–	redhatcve
Vulnrichment	CVE-2026-1630 Reflected XSS in WEBCON BPS	14 May 202613:24	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "d62a7a7e-ab4e-3930-9a6c-8fcbb877a856",
        "vendor": {
          "name": "WEBCON"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "20a6717a-5fa2-3f1e-a120-5078279f0979",
        "product": {
          "name": "WEBCON BPS"
        },
        "product_version": "2026.1.1.45 <2026.1.3.109"
      },
      {
        "id": "4d57938b-98e9-3c19-969c-3197a9695c59",
        "product": {
          "name": "WEBCON BPS"
        },
        "product_version": "2025.1.1.87 <2025.2.1.293"
      }
    ]
  }
]

Source	Link
cert	www.cert.pl/en/posts/2026/05/CVE-2026-1630/
community	www.community.webcon.com/download/changelog/398
community	www.community.webcon.com/download/changelog/394

14 May 2026 15:19Current

6Medium risk

Vulners AI Score6

CVSS 45.1

EPSS0.0043

SSVC