11 matches found
SUSE CVE-2026-23926
An authenticated non-super administrator can create a maintenance period with a JavaScript payload that is executed by any user that opens tooltip for that maintenance period in the Host navigator widget. This can allow the attacker to perform unauthorized actions depending on which user opens th...
CVE-2026-23926
An authenticated non-super administrator can create a maintenance period with a JavaScript payload that is executed by any user that opens tooltip for that maintenance period in the Host navigator widget. This can allow the attacker to perform unauthorized actions depending on which user opens th...
DEBIAN-CVE-2026-23926
An authenticated non-super administrator can create a maintenance period with a JavaScript payload that is executed by any user that opens tooltip for that maintenance period in the Host navigator widget. This can allow the attacker to perform unauthorized actions depending on which user opens th...
CVE-2026-23926
An authenticated non-super administrator can create a maintenance period with a JavaScript payload that is executed by any user that opens tooltip for that maintenance period in the Host navigator widget. This can allow the attacker to perform unauthorized actions depending on which user opens th...
EUVD-2026-27527
An authenticated non-super administrator can create a maintenance period with a JavaScript payload that is executed by any user that opens tooltip for that maintenance period in the Host navigator widget. This can allow the attacker to perform unauthorized actions depending on which user opens th...
CVE-2026-23926
The CVE-2026-23926 entry describes a Stored XSS in the Host navigator widget maintenance tooltip. An authenticated (non-super) administrator can create a maintenance period containing a JavaScript payload that is executed when any user opens the tooltip for that maintenance period, enabling the a...
CVE-2026-23926
An authenticated non-super administrator can create a maintenance period with a JavaScript payload that is executed by any user that opens tooltip for that maintenance period in the Host navigator widget. This can allow the attacker to perform unauthorized actions depending on which user opens th...
CVE-2026-23926 Stored XSS vulnerability in Host navigator widget maintenance tooltip
An authenticated non-super administrator can create a maintenance period with a JavaScript payload that is executed by any user that opens tooltip for that maintenance period in the Host navigator widget. This can allow the attacker to perform unauthorized actions depending on which user opens th...
CVE-2026-23926 Stored XSS vulnerability in Host navigator widget maintenance tooltip
An authenticated non-super administrator can create a maintenance period with a JavaScript payload that is executed by any user that opens tooltip for that maintenance period in the Host navigator widget. This can allow the attacker to perform unauthorized actions depending on which user opens th...
CVE-2026-23926
An authenticated non-super administrator can create a maintenance period with a JavaScript payload that is executed by any user that opens tooltip for that maintenance period in the Host navigator widget. This can allow the attacker to perform unauthorized actions depending on which user opens th...
PT-2026-37344
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An authenticated administrator without super-user privileges can inject a JavaScript payload when creating a maintenance period. This payload is executed when an...