Lucene search
K

Cross-site Scripting (XSS)

šŸ—“ļøĀ 10 Jan 2026Ā 06:53:29Reported byĀ Snyk Security DatabaseTypeĀ 
snyk
Ā snyk
šŸ”—Ā security.snyk.iošŸ‘Ā 2Ā Views

XSS via uploaded HTML files allows attacker to steal admin token and take control.

Related
Refs
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2026-46392
5 Jun 202618:20
–attackerkb
Circl
CVE-2026-22704
9 Jan 202618:45
–circl
CNNVD
HAX č·Øē«™č„šęœ¬ę¼ę“ž
10 Jan 202600:00
–cnnvd
CVE
CVE-2026-22704
10 Jan 202606:22
–cve
Cvelist
CVE-2026-22704 HAXcms Has Stored XSS Vulnerability that May Lead to Account Takeover
10 Jan 202606:22
–cvelist
Exploit DB
HAX CMS 24.x - Stored Cross-Site Scripting (XSS)
29 Apr 202600:00
–exploitdb
EUVD
EUVD-2026-1866
13 Jan 202615:07
–euvd
EUVD
EUVD-2026-34883
5 Jun 202618:20
–euvd
Github Security Blog
HAXcms Has Stored XSS Vulnerability that May Lead to Account Takeover
13 Jan 202615:07
–github
NVD
CVE-2026-22704
10 Jan 202607:16
–nvd
Rows per page

Data

Build on a solid foundation withĀ Vulners data

WeĀ provide theĀ essential building blocks forĀ cybersecurity solutions withĀ comprehensive, structured, andĀ constantly updated vulnerability andĀ exploits data

Api

Power your application withĀ Vulners API

The Vulners REST API offers reliable, high-performance access toĀ vulnerabilityĀ intelligence, withĀ 99.9%Ā SLAĀ uptime andĀ CDN-backed data delivery forĀ seamlessĀ global access

App

Assess and manage vulnerabilities withĀ VulnersĀ tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

06 Feb 2026 01:17Current
5.5Medium risk
Vulners AI Score5.5
CVSS 3.15.4 - 9
CVSS 46.3
EPSS0.01036
SSVC
2