CVE-2026-30082 in IngEstate Server
Résumé (Anglaise)
Multiple stored cross-site scripting (XSS) vulnerabilities in the Edit feature of the Software Package List page of IngEstate Server v11.14.0 allow attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the About application, What's news, or Release note parameters.
Responsable
MITRE
Réserver
04/03/2026
Divulgation
30/03/2026
Entrées
| ID | Vulnérabilité | CWE | Base | Temp | 0day | Aujourd'hui | Exp | KEV | EPSS | CTI | Con | CVE |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 354201 | IngEstate Server Software Package List cross site scripting | 79 | 3.5 | 3.5 | $0-$5k | $0-$5k | Non défini | 0.00000 | 3.00+ | Non défini | CVE-2026-30082 |