CVE-2026-41200 STIG Manager has reflected XSS vulnerability in the Web App

STIG Manager is an API and web client for managing Security Technical Implementation Guides STIG assessments of Information Systems. Versions 1.5.10 through 1.6.7 have a reflected Cross-Site Scripting XSS vulnerability in the OIDC authentication error handling code in src/init.js and...

CVE-2026-41200

STIG Manager is an API and web client for managing Security Technical Implementation Guides STIG assessments of Information Systems. Versions 1.5.10 through 1.6.7 have a reflected Cross-Site Scripting XSS vulnerability in the OIDC authentication error handling code in src/init.js and...

STIG Manager 跨站脚本漏洞

STIG Manager is an information security compliance assessment management tool open source by NUWCDIVNPT. Versions 1.5.10 to 1.6.7 of STIG Manager have a cross-site scripting vulnerability. This vulnerability stems from improper handling of OIDC authentication errors, where innerHTML is written...

PT-2026-34595

STIG Manager is an API and web client for managing Security Technical Implementation Guides STIG assessments of Information Systems. Versions 1.5.10 through 1.6.7 have a reflected Cross-Site Scripting XSS vulnerability in the OIDC authentication error handling code in src/init.js and...

Apache Wicket Information Disclosure Vulnerability

Apache Wicket is the United States Apache Apache Software Foundation , a set of open source , lightweight , component-based framework , which provides an object-oriented way to develop Web-based dynamic UI applications . An information disclosure vulnerability exists in Apache Wicket versions...