4 matches found
CVE-2026-1469
Summary: CVE-2026-1469 is a stored XSS in RLE NOVA’s PlanManager. The vulnerability allows injecting malicious payloads through the ‘comment’ and ‘brand’ parameters in ‘/index.php’; payloads are stored and later rendered without proper sanitization when other users view the page. Consequences sta...
EUVD-2026-4996
Stored Cross-Site Scripting XSS in RLE NOVA's PlanManager. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by injecting malicious payload through the ‘comment’ and ‘brand’ parameters in ‘/index.php’. The payload is stored by the application and subsequentl...
CVE-2026-1469 Stored Cross-Site Scripting (XSS) in RLE NOVA's PlanManager
Stored Cross-Site Scripting XSS in RLE NOVA's PlanManager. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by injecting malicious payload through the ‘comment’ and ‘brand’ parameters in ‘/index.php’. The payload is stored by the application and subsequentl...
PT-2026-5261
Stored Cross-Site Scripting XSS in RLE NOVA's PlanManager. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by injecting malicious payload through the ‘comment’ and ‘brand’ parameters in ‘/index.php’. The payload is stored by the application and subsequentl...