CVE-2025-50007

Incorrect Privilege Assignment vulnerability in Jthemes xSmart xsmart allows Privilege Escalation.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-50006

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jthemes xSmart xsmart allows Reflected XSS.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-54002

Missing Authorization vulnerability in Jthemes xSmart xsmart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-50006

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jthemes xSmart xsmart allows Reflected XSS.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-50007

Incorrect Privilege Assignment vulnerability in Jthemes xSmart xsmart allows Privilege Escalation.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-54002

Missing Authorization vulnerability in Jthemes xSmart xsmart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-54002

Missing Authorization vulnerability in Jthemes xSmart xsmart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-50006

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jthemes xSmart xsmart allows Reflected XSS.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-50007

Incorrect Privilege Assignment vulnerability in Jthemes xSmart xsmart allows Privilege Escalation.This issue affects xSmart: from n/a through = 1.2.9.4...

PT-2026-3987

Name of the Vulnerable Software and Affected Versions Jthemes xSmart versions through 1.2.9.4 Description An issue exists in Jthemes xSmart related to incorrectly configured access control security levels, allowing for missing authorization. The issue allows exploitation of access control...

PT-2026-3982

Name of the Vulnerable Software and Affected Versions Jthemes xSmart versions through 1.2.9.4 Description A flaw exists in Jthemes xSmart that allows for Reflected Cross-Site Scripting XSS. This issue arises from improper handling of user-supplied input during web page generation. The vulnerabili...

PT-2026-3983

Name of the Vulnerable Software and Affected Versions Jthemes xSmart versions through 1.2.9.4 Description An incorrect privilege assignment exists in Jthemes xSmart, potentially allowing privilege escalation. Recommendations Update Jthemes xSmart to a version later than 1.2.9.4...

CVE-2025-62936

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Jthemes xSmart xsmart allows Code Injection.This issue affects xSmart: from n/a through = 1.2.9.4...

EUVD-2025-36005

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Jthemes xSmart xsmart allows Code Injection.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-62936

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Jthemes xSmart xsmart allows Code Injection.This issue affects xSmart: from n/a through = 1.2.9.4...

PT-2025-43812

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Jthemes xSmart xsmart allows Code Injection.This issue affects xSmart: from n/a through = 1.2.9.4...