CVE-2026-38579

CVE-2026-38579 describes multiple reflected Cross-Site Scripting (XSS) in the product family damasac thaipalliative_lte up to version 3.0. The vulnerability arises in the endpoint /substudy/ezform.php, where user input passed via the parameters idFormMain , id , and ptid_key is echoed into HTML a...

EUVD-2026-34845

Multiple reflected Cross-Site Scripting XSS vulnerabilities in damasac thaipalliativelte through version 3.0 allow remote attackers to inject arbitrary web script or HTML via the idFormMain parameter line 24, the id parameter lines 25, 75, and the ptidkey parameter lines 26, 42 in...

PT-2026-46963

Multiple reflected Cross-Site Scripting XSS vulnerabilities in damasac thaipalliative lte through version 3.0 allow remote attackers to inject arbitrary web script or HTML via the idFormMain parameter line 24, the id parameter lines 25, 75, and the ptid key parameter lines 26, 42 in...

CVE-2026-38579

Multiple reflected Cross-Site Scripting XSS vulnerabilities in damasac thaipalliativelte through version 3.0 allow remote attackers to inject arbitrary web script or HTML via the idFormMain parameter line 24, the id parameter lines 25, 75, and the ptidkey parameter lines 26, 42 in...