4 matches found
CVE-2026-31953
Xibo is an open source digital signage platform with a web content management system and Windows display player software. A stored Cross-Site Scripting XSS vulnerability in versions prior to 4.4.1 allows an authenticated user with notification creation permissions to inject arbitrary JavaScript...
CVE-2026-31953
Xibo is an open source digital signage platform with a web content management system and Windows display player software. A stored Cross-Site Scripting XSS vulnerability in versions prior to 4.4.1 allows an authenticated user with notification creation permissions to inject arbitrary JavaScript...
CVE-2026-31953
Xibo CMS contains a stored XSS in the notification body prior to version 4.4.1. An authenticated user with notification-creation privileges can inject JavaScript; if the notification is marked as an interrupt, the payload executes in targeted users’ browsers on login with zero user interaction. E...
PT-2026-34812
Xibo is an open source digital signage platform with a web content management system and Windows display player software. A stored Cross-Site Scripting XSS vulnerability in versions prior to 4.4.1 allows an authenticated user with notification creation permissions to inject arbitrary JavaScript...