9 matches found
CVE-2026-26059
ChurchCRM is an open-source church management system. In versions prior to 6.8.2, it was possible for an authenticated user with permission to edit groups to store a JavaScript payload that would execute when the group was viewed in the Group View. Version 6.8.2 fixes this issue...
CVE-2026-26059
ChurchCRM is an open-source church management system. In versions prior to 6.8.2, it was possible for an authenticated user with permission to edit groups to store a JavaScript payload that would execute when the group was viewed in the Group View. Version 6.8.2 fixes this issue...
CVE-2026-26059
CVE-2026-26059 affects ChurchCRM prior to 6.8.2 and is a stored XSS in GroupEditor.php: an authenticated user with group-edit permissions could store a JavaScript payload that executes when the group is viewed. The issue is fixed in version 6.8.2. If upgrading is possible, apply 6.8.2 or newer to...
CVE-2026-26059 ChurchCRM has Stored Cross-Site Scripting (XSS) in GroupEditor.php
ChurchCRM is an open-source church management system. In versions prior to 6.8.2, it was possible for an authenticated user with permission to edit groups to store a JavaScript payload that would execute when the group was viewed in the Group View. Version 6.8.2 fixes this issue...
CVE-2026-26059 ChurchCRM has Stored Cross-Site Scripting (XSS) in GroupEditor.php
ChurchCRM is an open-source church management system. In versions prior to 6.8.2, it was possible for an authenticated user with permission to edit groups to store a JavaScript payload that would execute when the group was viewed in the Group View. Version 6.8.2 fixes this issue...
CVE-2026-26059 ChurchCRM has Stored Cross-Site Scripting (XSS) in GroupEditor.php
ChurchCRM is an open-source church management system. In versions prior to 6.8.2, it was possible for an authenticated user with permission to edit groups to store a JavaScript payload that would execute when the group was viewed in the Group View. Version 6.8.2 fixes this issue...
PT-2026-20912
Name of the Vulnerable Software and Affected Versions ChurchCRM versions prior to 6.8.2 Description ChurchCRM is an open-source church management system. An authenticated user with permission to edit groups could store a JavaScript payload that would execute when the group was viewed in the Group...
CVE-2025-68399
ChurchCRM is an open-source church management system. In versions prior to 6.5.4, there is a Stored Cross-Site Scripting XSS vulnerability within the GroupEditor.php page of the application. When a user attempts to create a group role, they can execute malicious JavaScript. However, for this to...
Update Rollup 5 for System Center 2019 Operations Manager
Update Rollup 5 for System Center 2019 Operations Manager Introduction This article describes the new features and issues that are fixed in System Center Operations Manager 2019 Update Rollup 5. This article also contains the installation instructions for this update. For the list of features tha...