CVE-2026-8253 in ERP Onlineinformação

Sumário

de MITRE • 11/05/2026

A vulnerability was identified in Devs Palace ERP Online up to 4.0.0. Affected by this vulnerability is an unknown functionality of the file /inventory/purchase_save. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

VulDB

Divulgação

11/05/2026

Moderação

aceite

Entrada

VDB-362550

CPE

pronto

CWE

CWE-79 (confirmado)

Exploração

Descarregar

CVSS

2.4 (VulDB)

EPSS

0.00030

KEV

não

Atividades

muito baixo

Sector

Insurance, Pharma, ...

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-8253
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-8253
CVE Details	https://www.cvedetails.com/cve/CVE-2026-8253/

◂ Voltar Visão Geral Próximo ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!