SecBoard
Zurück zur CVE-Übersicht

CVE-2026-8595

MEDIUM(6.8)

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L

Risk Signal Score27/100 — MITTEL
  • CVSS 6.8 — Mittel
  • Weniger als 24 Stunden alt

Beschreibung

A user with Editor permissions can craft a dashboard whose table (TableNG) panel contains a malicious field name that executes as a script in the browser of any user who views the dashboard (stored cross-site scripting).

Referenzen