Critical CVE-2026-46496 HAX CMS helps manage microsite universe with PHP or NodeJs backends. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 26.0.0 due to improper sanitization of the `` component. The component allows `javascript:` URIs in the `source` attribute,...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

[Critical] CVE-2026-46496 – HAX CMS helps manage microsite universe with PHP or NodeJs backends. A stored cr...

VERWANDTEARTIKEL

CVE-2026-46400 - HAXCMS PHP has a File Upload Validation Bypass

CVE-2026-45779 - Open XDMoD Vulnerable to Unauthenticated SQL Injection Leading to Full Database Compromise

CVE-2026-46398 - HAX CMS Missing Secure Flag on Cookie

CVE-2026-45758 - Malicious code in guardrails-ai 0.10.1 (supply chain compromise)

CVE-2026-45777 - Open XDMoD Vulnerable to Unauthenticated Remote Code Execution (RCE) via OS Command Injection

CVE-2026-45778 - Open XDMoD Vulnerable to Reflected Cross-Site Scripting (XSS) in Password Reset