23 matches found
CVE-2026-1959
Stored Cross-Site Scripting XSS vulnerability in Loggro Pymes, via the 'descripción' parameter in the '/loggrodemo/jbrain/MaestraCuentasBancarias' endpoint...
CVE-2026-1959 Stored Cross-Site Scripting (XSS) vulnerability in Loggro Pymes
Stored Cross-Site Scripting XSS vulnerability in Loggro Pymes, via the 'descripción' parameter in the '/loggrodemo/jbrain/MaestraCuentasBancarias' endpoint...
CVE-2026-1959
Stored Cross-Site Scripting XSS vulnerability in Loggro Pymes, via the 'descripción' parameter in the '/loggrodemo/jbrain/MaestraCuentasBancarias' endpoint...
CVE-2026-1959
Stored Cross-Site Scripting (XSS) vulnerability in Loggro Pymes, exploitable via the 'descripción' parameter in the '/loggrodemo/jbrain/MaestraCuentasBancarias' endpoint. The CVE entry indicates a MEDIUM impact (CVSS 4.0: base score 5.1; UI:A; AV:N; AC:L; PR:N; VI/DI/AI: NONE/LOW/NONE). Connected...
CVE-2025-41350
Stored Cross-site Scripting XSSvylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'descripcion' parameter in...
CVE-2025-41349
Stored Cross-site Scripting XSSvylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'descripcion' parameter in '/WinplusPortal/ws/sWinplus...
EUVD-2025-197977
Stored Cross-site Scripting XSSvylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'descripcion' parameter in...
EUVD-2025-197975
Stored Cross-site Scripting XSSvylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'descripcion' parameter in '/WinplusPortal/ws/sWinplus...
CVE-2025-41350
Stored Cross-site Scripting XSSvylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'descripcion' parameter in...
CVE-2025-41350
Stored Cross-site Scripting XSSvylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'descripcion' parameter in...
CVE-2025-41349
Stored Cross-site Scripting XSSvylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'descripcion' parameter in '/WinplusPortal/ws/sWinplus...
CVE-2025-41349
Stored Cross-site Scripting XSSvylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'descripcion' parameter in '/WinplusPortal/ws/sWinplus...
CVE-2025-41350
Stored Cross-site Scripting XSSvylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'descripcion' parameter in...
CVE-2025-41350 Stored Cross-Site Scripting (XSS) in WinPlus by Informática del Este
Stored Cross-site Scripting XSSvylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'descripcion' parameter in...
CVE-2025-41350 Stored Cross-Site Scripting (XSS) in WinPlus by Informática del Este
Stored Cross-site Scripting XSSvylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'descripcion' parameter in...
CVE-2025-41349 Stored Cross-Site Scripting (XSS) in WinPlus by Informática del Este
Stored Cross-site Scripting XSSvylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'descripcion' parameter in '/WinplusPortal/ws/sWinplus...
CVE-2025-41349
Stored Cross-site Scripting XSSvylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'descripcion' parameter in '/WinplusPortal/ws/sWinplus...
CVE-2025-41349
CVE-2025-41349 affects WinPlus v24.11.27 by Informática del Este. A Stored XSS flaw arises from insufficient validation of the descripcion parameter sent via POST to the API endpoint /WinplusPortal/ws/sWinplus.svc/json/savesolpla_post, exploitable by a remote attacker against an authenticated use...
CVE-2025-41349 Stored Cross-Site Scripting (XSS) in WinPlus by Informática del Este
Stored Cross-site Scripting XSSvylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'descripcion' parameter in '/WinplusPortal/ws/sWinplus...
Informática del Este WinPlus 跨站脚本漏洞
Informática del Este WinPlus is a human resource management platform from the Spanish company Informática del Este. A cross-site scripting vulnerability exists in Informática del Este WinPlus version v24.11.27, which stems from insufficient validation of inputs to the parameter descripcion and...