3 matches found
CVE-2026-27787
Cross-site scripting vulnerability exists in MATCHA SNS 1.3.9 and earlier. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the website using the product...
CVE-2026-27787
MATCHA SNS contains a cross-site scripting vulnerability (CVE-2026-27787) affecting version 1.3.9 and earlier. The root cause is an XSS flaw that could allow arbitrary script execution in a user’s browser when visiting a compromised page. Public sources in connected documents confirm affected ver...
MATCHA SNS access restriction bypass vulnerability
Overview MATCHA SNS provided by ICZ Corporation is an SNS software. MATCHA SNS contains an access restriction bypass vulnerability. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A user without...